Bitcoin Forum
June 16, 2024, 04:31:39 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: NSA Said to Have Used Heartbleed Bug, Exposing Consumers  (Read 682 times)
Wilikon (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1001


minds.com/Wilikon


View Profile
April 11, 2014, 07:18:55 PM
 #1





http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html


Wilikon (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1001


minds.com/Wilikon


View Profile
April 11, 2014, 07:28:47 PM
 #2



Proof that, if it knows about that missing plane position thanks to its spy satellites and other means, the NSA will NEVER share that information to save lives.
cooldgamer
Legendary
*
Offline Offline

Activity: 1218
Merit: 1003


We are the champions of the night


View Profile WWW
April 11, 2014, 07:41:10 PM
 #3

It gets worse every day...

Wilikon (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1001


minds.com/Wilikon


View Profile
April 11, 2014, 07:54:58 PM
 #4

It gets worse every day...



I have spent the last 2 hrs resetting and changing all my passwords on the concerned sites. Here is a list. This should be on every section of bitcointalk.

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

http://mashable.com/search/?t=stories&q=heartbleed
Equate
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500


View Profile
April 11, 2014, 08:37:46 PM
 #5

No wonder many critical bugs are still unpatched and being exploited in the wild.
murraypaul
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
April 11, 2014, 08:56:12 PM
 #6

No wonder many critical bugs are still unpatched and being exploited in the wild.

How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.

BTC: 16TgAGdiTSsTWSsBDphebNJCFr1NT78xFW
SRC: scefi1XMhq91n3oF5FrE3HqddVvvCZP9KB
cooldgamer
Legendary
*
Offline Offline

Activity: 1218
Merit: 1003


We are the champions of the night


View Profile WWW
April 11, 2014, 10:13:54 PM
 #7

No wonder many critical bugs are still unpatched and being exploited in the wild.

How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.
The NSA knew about this 2 years ago... the bug popped up 2 years ago... I don't think it takes a tin foil hat to put them together here

Wilikon (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1001


minds.com/Wilikon


View Profile
April 11, 2014, 11:28:02 PM
 #8

No wonder many critical bugs are still unpatched and being exploited in the wild.

How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.

Supposedly the NSA's mission is about protecting, not just spying on the US citizen. Lots of companies are American paying taxes, taxes helping the NSA's employees. But It needs to spy, not to protect thus making everyone exposed to the bug.

Because it is its nature. We are the frog, NSA is the scorpion on our back.
murraypaul
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
April 12, 2014, 09:23:17 AM
Last edit: April 12, 2014, 10:03:33 AM by murraypaul
 #9

No wonder many critical bugs are still unpatched and being exploited in the wild.
How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.
The NSA knew about this 2 years ago... the bug popped up 2 years ago... I don't think it takes a tin foil hat to put them together here

That the NSA is much better at finding software vulnerabilities than the open source community?

Plus: You don't know that the NSA knew about it two years ago. You know that a reporter says that two unnamed sources say that the NSA knew about it about two years ago.

BTC: 16TgAGdiTSsTWSsBDphebNJCFr1NT78xFW
SRC: scefi1XMhq91n3oF5FrE3HqddVvvCZP9KB
Wipeout2097
Sr. Member
****
Offline Offline

Activity: 840
Merit: 255


SportsIcon - Connect With Your Sports Heroes


View Profile
April 12, 2014, 09:32:37 AM
 #10

No wonder many critical bugs are still unpatched and being exploited in the wild.
How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.
The NSA knew about this 2 years ago... the bug popped up 2 years ago... I don't think it takes a tin foil hat to put them together here

That the NSA is much better at finding software vulnerabilities than the open source community?

Of course it is! It's part of the well paid job of thousands of very high grade professionals.

The open source community writes code "for fun". Squashing those last bugs is time consuming and boring.

███████████████████████████████████████████████████████████████
██▀       ▀█       ▀████████████        ▀█         █▀       ▀██
██   ▀██▄▄▄█   ██   ████████████   ███   ████   ████   ▀██▄▄▄██
███▄     ▀██       ▄████████████       ▄█████   █████▄     ▀███
██▀▀▀██▄   █   █████████████████   █▄  ▀█████   ████▀▀▀██▄   ██
██▄       ▄█   █████████████████   ██▄  ▀████   ████▄       ▄██
███████████████████████████████████████████████████████████████
██       ██▀      ▀█████████████    ▀██   █████████████████████
████   ███   ▄██▄   ████████████     ▀█   █████████████████████
████   ███   ████████   ████   █   ▄  ▀   █████████████████████
████   ███   ▀██▀   █   ████   █   █▄     █████████████████████
██       ██▄      ▄███        ██   ██▄    █████████████████████
███████████████████████████████████████████████████████████████
██████████████
██
██
██
██
██
██
██
██
██
██
██
██████████████
████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████                                                             ████████████████████████████████████████████████
.
.
.

████████████████████████████████████████████████████████████          ████████████████                                 ██████████████████████████████████████████████████████████████████████████████████████
██████████████
██
██
██
██
██
██
██
██
██
██
██
██████████████
███████
██
██
██
██
██
██
██
██
██
██
██
███████
███████
██
██
██
██
██
██
██
██
██
██
██
███████
►►  Powered by
BOUNTY
DETECTIVE
harkonnen
Full Member
***
Offline Offline

Activity: 210
Merit: 100



View Profile
April 12, 2014, 09:53:10 AM
 #11

No wonder many critical bugs are still unpatched and being exploited in the wild.
How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.
The NSA knew about this 2 years ago... the bug popped up 2 years ago... I don't think it takes a tin foil hat to put them together here

That the NSA is much better at finding software vulnerabilities than the open source community?

Of course it is! It's part of the well paid job of thousands of very high grade professionals.

The open source community writes code "for fun". Squashing those last bugs is time consuming and boring.

Code quality tends to be higher when it's fun to code. When you work for the money, have to meet the deadline, have to work on the project you don't really have passion for it degrade overall code quality.
Plus source codes of free software / open source are open. And it's been proven that programmers tend to produce better code with good documentation, and pay more attention to details without derails(work around and hacks). Because people are watching what you've done, you will go back to your work for typos and grammars.
murraypaul
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
April 12, 2014, 10:02:24 AM
 #12

And it's been proven that programmers tend to produce better code with good documentation, and pay more attention to details without derails(work around and hacks). Because people are watching what you've done, you will go back to your work for typos and grammars.

As you don't have access to the source code to non-open-source projects to compare, that is really more of an article of faith than actually proven, isn't it?

BTC: 16TgAGdiTSsTWSsBDphebNJCFr1NT78xFW
SRC: scefi1XMhq91n3oF5FrE3HqddVvvCZP9KB
Wipeout2097
Sr. Member
****
Offline Offline

Activity: 840
Merit: 255


SportsIcon - Connect With Your Sports Heroes


View Profile
April 12, 2014, 12:21:49 PM
 #13

No wonder many critical bugs are still unpatched and being exploited in the wild.
How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.
The NSA knew about this 2 years ago... the bug popped up 2 years ago... I don't think it takes a tin foil hat to put them together here

That the NSA is much better at finding software vulnerabilities than the open source community?

Of course it is! It's part of the well paid job of thousands of very high grade professionals.

The open source community writes code "for fun". Squashing those last bugs is time consuming and boring.

Code quality tends to be higher when it's fun to code. When you work for the money, have to meet the deadline, have to work on the project you don't really have passion for it degrade overall code quality.
Plus source codes of free software / open source are open. And it's been proven that programmers tend to produce better code with good documentation, and pay more attention to details without derails(work around and hacks). Because people are watching what you've done, you will go back to your work for typos and grammars.
Ok, but that has barely anything to do with my point. Note that I'm not saying if NSA is better at writing code than the open source community, or not. The "comparison" is made between NSA hackers/exploiters ability to crack vs OSS developers to plug holes, not OSS vs commercial devs, neither NSA vs Defcon participants. It's somewhat apples and oranges comparison, yes, but that is what I'm replying to.



███████████████████████████████████████████████████████████████
██▀       ▀█       ▀████████████        ▀█         █▀       ▀██
██   ▀██▄▄▄█   ██   ████████████   ███   ████   ████   ▀██▄▄▄██
███▄     ▀██       ▄████████████       ▄█████   █████▄     ▀███
██▀▀▀██▄   █   █████████████████   █▄  ▀█████   ████▀▀▀██▄   ██
██▄       ▄█   █████████████████   ██▄  ▀████   ████▄       ▄██
███████████████████████████████████████████████████████████████
██       ██▀      ▀█████████████    ▀██   █████████████████████
████   ███   ▄██▄   ████████████     ▀█   █████████████████████
████   ███   ████████   ████   █   ▄  ▀   █████████████████████
████   ███   ▀██▀   █   ████   █   █▄     █████████████████████
██       ██▄      ▄███        ██   ██▄    █████████████████████
███████████████████████████████████████████████████████████████
██████████████
██
██
██
██
██
██
██
██
██
██
██
██████████████
████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████                                                             ████████████████████████████████████████████████
.
.
.

████████████████████████████████████████████████████████████          ████████████████                                 ██████████████████████████████████████████████████████████████████████████████████████
██████████████
██
██
██
██
██
██
██
██
██
██
██
██████████████
███████
██
██
██
██
██
██
██
██
██
██
██
███████
███████
██
██
██
██
██
██
██
██
██
██
██
███████
►►  Powered by
BOUNTY
DETECTIVE
zolace
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


View Profile
April 12, 2014, 12:38:15 PM
 #14

How do we know there isn't a new security "flaw" or "bug" that will capture you login and password when you change it? and this is NSA way for getting everyone to change their password so they can capture it?

⚂⚄ Pocket Dice — Real dice experienceProvably Fair
Free BTC Faucet
⚅⚁
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Wilikon (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1001


minds.com/Wilikon


View Profile
April 12, 2014, 05:37:11 PM
 #15

No wonder many critical bugs are still unpatched and being exploited in the wild.
How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.
The NSA knew about this 2 years ago... the bug popped up 2 years ago... I don't think it takes a tin foil hat to put them together here

That the NSA is much better at finding software vulnerabilities than the open source community?

Plus: You don't know that the NSA knew about it two years ago. You know that a reporter says that two unnamed sources say that the NSA knew about it about two years ago.

My game theory, based on evidence, tells me I should not believe the NSA or anyone representing this organization.

https://www.youtube.com/watch?v=4v7YtTnon90


TheIrishman
Legendary
*
Offline Offline

Activity: 1049
Merit: 1006


View Profile
April 12, 2014, 09:21:46 PM
 #16



The NSA's Heartbleed problem is the problem with the NSA

http://www.theguardian.com/commentisfree/2014/apr/12/the-nsas-heartbleed-problem-is-the-problem-with-the-nsa

<< What the agency's denial isn't telling you: it didn't even need know about the bug to vacuum your privacy and store it indefinitely. >>
Wilikon (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1001


minds.com/Wilikon


View Profile
April 12, 2014, 11:07:41 PM
 #17



The NSA's Heartbleed problem is the problem with the NSA

http://www.theguardian.com/commentisfree/2014/apr/12/the-nsas-heartbleed-problem-is-the-problem-with-the-nsa

<< What the agency's denial isn't telling you: it didn't even need know about the bug to vacuum your privacy and store it indefinitely. >>

Hey! I should write for the Guardian if my English wasn't atrocious. That was the point I was making in post #8 Smiley

Wilikon (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1001


minds.com/Wilikon


View Profile
April 13, 2014, 02:28:00 AM
 #18

No wonder many critical bugs are still unpatched and being exploited in the wild.
How does that make sense?
The NSA discovering a bug but not publicising it leaves the world no different to if the NSA had never found it, or if there had been no NSA.
The NSA knew about this 2 years ago... the bug popped up 2 years ago... I don't think it takes a tin foil hat to put them together here

That the NSA is much better at finding software vulnerabilities than the open source community?

Plus: You don't know that the NSA knew about it two years ago. You know that a reporter says that two unnamed sources say that the NSA knew about it about two years ago.




http://www.nytimes.com/2014/04/13/us/politics/obama-lets-nsa-exploit-some-internet-flaws-officials-say.html


---------------------------------------------------------------------------------------------------------
Obama is such a great dude.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!