It has surfaced that the NSA knew of the ‘heartbleed’ SSL encryption flaw for at least two years before it was known publicly. The agency used it to their advantage to collect data from unsuspecting sites. The NSA denies these reports, claiming that any knowledge of the bug prior to 2014 is incorrect.
After all the uproar the NSA has caused lately, the fact that they chose to keep the bug a secret to use it in their advantage has caused public outrage not only from American citizens but global concern at high alert. Simply put, this vulnerability is of catastrophic proportions. This unfortunate bug affected the whole World Wide Web in such a large fashion, that concern about NSA deciding to keep it to themselves has brought many to question the legitimacy of their existence once more.
It is estimated that two-thirds of all websites including Cisco and Juniper systems had been affected, making this a historical event in online security. Luckily, the error was minor and experts we’re able to patch it 5 days later, allowing all sites and systems to follow suit. Users however, had the responsibility to reset all the affected passwords to remain on the safe side.
The NSA was able to easily obtain access to passwords and other databases that would otherwise require sophisticated hacking and man hours to achieve with possible failure or detection. This backdoor was like finding a gold mine. Unfortunately, keeping this secret instead of notifying the world, came at the cost of everyone else’s security and privacy. We call this humanitarian negligence.
The Security Agency who does all this in the name of national security, really dug themselves deep with this one. The importance of online security and the role that encrypted networking now has in today’s daily communications and operations, it cannot be overlooked in this manner. Global economies depend on today’s’ technological tools that allow us to do what we do. Bloomberg covers the topic as well and includes in-depth coverage of important facets surrounding the story and the NSA’s operations.
We suggest you read their article starting down at the “Controversial Practice” section. It’s a great read on a very important topic in our minds. We need to continue to fight for better ethics, we must be able to trust in one another’s nations for a peaceful tomorrow. Change for a more positive cyber security community is needed and we are hopefully headed in the right direction for it. In the meantime, it’s important to keep yourself secure as well. Make sure to check out our top VPN reviews and make the pick for your privacy to be kept safe.