On 4/11/14, 2:33 PM, Gregory Foster wrote: > Bloomberg (Apr 11) - "NSA Said to Have Used Heartbleed Bug, Exposing > Consumers": > http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html > >> The U.S. National Security Agency knew for at least two years about a flaw >> in the way that many websites send sensitive information, now dubbed the >> Heartbleed bug, and regularly used it to gather critical intelligence, two >> people familiar with the matter said.
Denials: https://twitter.com/NSA_PAO/status/454720059156754434 https://twitter.com/csoghoian/status/454725375332192256 I couldn't find the primary source for the White House NSC statement Christopher posted. The "Vulnerabilities Equities Process" used to ascertain whether or not to report 0-days sounds FOIA-worthy. gf -- Gregory Foster || [email protected] @gregoryfoster <> http://entersection.com/
