Menu

Topics

TV Programs

Connect

Local

your local region

National

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

Calendar

Calendar

Search

Quick Search

  •  
  •  
  •  
  •  
  •  
  •  

Trending Now

  •  
     
  •  
     
  •  
     
  •  
     
  •  
     
  •  
     

Add Global News to Home Screen

Instructions:

  1. Press the share icon on your browser
  2. Select Add to Home Screen
  3. Press Add

Comments

Want to discuss? Please read our Commenting Policy first.

Video link
Headline link
Advertisement
Tech

NSA knew about, exploited Heartbleed bug to gather intelligence: Report

By Nicole Bogart Global News
Posted April 11, 2014 10:08 pm
2 min read
Heartbleed bug View image in full screen
FILE. RCMP are warning parents about the danger of some online apps. File/Getty Images
Share this item via WhatsApp

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

UPDATE (April 11, 10:00 p.m.): The White House and U.S. intelligence agencies have both denied claims that the U.S. National Security Agency was aware of and exploiting the Heartbleed bug bug before it was made public this week.

The White House, the NSA and the Office of the Director of National Intelligence issued statements Friday after Bloomberg reported the NSA was aware of the security vulnerability and kept it secret in the interest of national security.

TORONTO – The U.S. National Security Agency knew about and exploited an online encryption flaw now known as the to gather critical intelligence, according to a new media report.

According to a report published Friday by Bloomberg, the NSA decided to keep the major security flaw a secret in the interest of national security.

The email you need for the day's top news stories from Canada and around the world.

The report, which cites two people familiar with the matter, alleges that by exploiting the security flaw the NSA would have been able to obtain passwords and other user data that “are the building blocks of the sophisticated hacking operations at the core of its mission.”

Story continues below advertisement

The Heartbleed flaw affects OpenSSL – a widely used open-source set of libraries for encrypting online services.

Heartbleed creates an opening in SSL/TLS, an encryption technology marked by the small, closed padlock and “https:” on Web browsers to show that traffic is secure. The flaw makes it possible to snoop on Internet traffic even if the padlock is closed, leaving users’ information unsecure.

Security experts have called it one of the biggest security threats the Internet has ever faced.

Trending Now
More on Science and Tech

READ MORE: Heartbleed bug: What’s affected and what passwords you need to change

Since the bug was revealed on Monday some have speculated that the NSA and other intelligence agencies may have known about and been exploiting the flaw for cyber surveillance.

On Friday Robin Seggelmann, the developer who admitted to writing the line of code that contained the flaw denied reports that he placed it there intentionally, telling the Sydney Morning Herald the flaw was “unfortunately missed” by both himself and a reviewer when it was added to OpenSSL over two years ago.

READ MORE: Meet the man who broke the Internet

According to the report, Seggelmann said it was “tempting” to assume he had placed the bug deliberately after Edward Snowden’s revelations of the cyber surveillance conducted by the NSA, which made headlines in June.

Advertisement
© 2014 Shaw Media

Sponsored content

AdChoices