On Fri, Apr 11, 2014 at 04:36:13PM -0700, Arshad Noor wrote:
> Isn't that a naive assumption? Every US-based company that has anything
> to do with crypto has to send in their source-code to a special address
> before you can be granted a License Exception (US BIS rules) to export
> to foreign cus
On 04/11/2014 03:51 PM, ianG wrote:
On 11/04/2014 17:50 pm, Jeffrey Walton wrote:
http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
The U.S. National Security Agency knew for at least two years about a
flaw in the way that many websites send s
On 11/04/2014 17:50 pm, Jeffrey Walton wrote:
> http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
>
> The U.S. National Security Agency knew for at least two years about a
> flaw in the way that many websites send sensitive information, now
> dub
So I trust EFF's analysis more here. However this is newer than the latest
article I've seen from EFF. So, where's Bloomberg's technical analysis on
the subject?
On Apr 11, 2014 5:50 PM, "Jeffrey Walton" wrote:
>
> http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-expo
http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
The U.S. National Security Agency knew for at least two years about a
flaw in the way that many websites send sensitive information, now
dubbed the Heartbleed bug, and regularly used it to gather
Jeffrey Walton shares:
|
https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013
|
| ...
| The second log seems much more troubling. We have spoken to Ars
| Technica's second source, Terrence Koeman, who reports finding some
| inbound pack