The NSA's denial it knew about or exploited the Heartbleed bug raises an obvious question: does it exploit similar flaws?
The answer, according to The New York Times, is yes.
Quoting ”senior administration officials”,
the paper says US President Obama considered what the NSA should do if
it becomes aware of a vulnerability that could help its activities. His
decision led to the creation of “... a broad exception for 'a clear
national security or law enforcement need'.”
Just how broad is not explained and was not revealed to the Times.
It
is widely believed that exploiting 0-days is a common technique among
intelligence agencies the world over. For the USA to deny itself such a
tool would therefore be odd.
But without knowing just where Obama
has drawn the line it is hard to know if his policies to curb the NSA's
excesses can be taken seriously.
No comments:
Post a Comment