NSA knew about Heartbleed for two years?

sundialsvcs · 04-14-2014, 09:22 AM

I am not surprised by this, and I definitely feel that my tax-dollars have been very poorly spent.

NSA's perception of its mission appears to be that it needs to weaken the security of our communications infrastructure so that it can eavesdrop into everything, vacuum-up a copy of it and store it away forever.

However, a principal portion of its mission should be to strengthen that infrastructure, even in the civilian sector, even though this superficially appears to weaken NSA's ability to carry out what it now perceives to be "its core mission."

The civilian sector also needs the strongest possible communications security – and, security practices – that it can possibly obtain, and the unique capabilities of the NSA (and other clandestine agencies) is needed to help achieve that. And here's why I think that this is so:

Quote:

Originally Posted by Me:

"National Security™" is a holistic mission, not merely a military one or a military-support one. The scope and breadth of 'what it is NSA's mission to protect' is far, far larger than the agency's present perception of its own charter appears to now include. When NSA works to weaken security, and/or permits known defects to continue to exist, it acts in a way that is contrary to (and damaging to) that holistic mission-statement, and the Public Interest. The unique capability, viewpoint, and expertise of the NSA ... for which said Public pays vast amounts of its money every year ... is needed to accomplish that true mission on behalf of the civilian sector."

That's what I think. And, I think it quite strongly.

cousinlucky · 04-22-2014, 08:05 PM

I'm getting strange AOL emails almost everyday that just contain a link ( that I am never clicking ) from people I have not heard from in years. Anyone else seeing such emails?

Use the Source Luke · 04-27-2014, 02:59 PM

Nothing on the internet surprises me anymore whether it's the NSA stupid spying program and bugs in software.

In today's cyber world we just need to be proactive ( use your knowledge of what security you know ) and be cybersmart.

A good plugin for firefox is called No-script. Yeah, it makes surfing the web a bit annoying because it interferes with the functionality of the web site, but I see this as a good thing because sites that you know are safe can be assigned full permissions to run scrips. And sites that are unsafe you can give them little or no permissions to run scripts. Sites like porn, games and bootleg movie torrent sites are culprits of malware and viruses in which scripts runs transparently to infect your system.

On a sad note even sites that are safe can have malicious code infected by a hacker or bugs in the software.

In any case, it's better to be proactive and use browser plugins. Of course, this doesn't guarantee jack sh*T, but being proactive will hopefully reduce some of the risks.