If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Huffington Post)   About those breathless news reports about the NSA knowing about Heartbleed for two years and taking advantage of it? The NSA says that's not true at all, and if we can't believe the NSA, who can we believe?   (huffingtonpost.com) divider line 68
    More: Followup, NSA, Heartbleed, news, Kim Zetter, private keys, Director of National Intelligence, credit card numbers, SSL  
•       •       •

1903 clicks; posted to Main » on 12 Apr 2014 at 10:44 AM (31 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



68 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

First | « | 1 | 2 | » | Last | Show all
 
2014-04-12 09:08:49 AM  
They're worse than what we thought the KGB were in the 80s.
 
2014-04-12 09:53:21 AM  
Can we take all the "Thanks Obama" GIFs and replace then with NSA?

No love lost between me and them but do we really need to think that the NSA really knows everything and is involved tangentially or actively in every nefarious plot out there?
 
2014-04-12 10:46:14 AM  

enry: Can we take all the "Thanks Obama" GIFs and replace then with NSA?

No love lost between me and them but do we really need to think that the NSA really knows everything and is involved tangentially or actively in every nefarious plot out there?


Well, now we get to riducule them for not knowing. That can be fun as well...
 
2014-04-12 10:51:06 AM  
I am sensing the sarcasm from the submission headline of this but do not think that is the appropriate thing. I do have the trust of the NSA. In fact I will say this to you I believe that the NSA is perhaps the most upstanding of all of the agencies of the government. Oh you will say BUT OM MAGOODNESS THEY ARE DOING THE SPYING. What do you have for hiding from they? What do you do to cause the fear of you from they who are not wishing to cause the fear of you but instead are hoping to reduce the fear of you by preventing the terrorism.

Maybe if you had the appreciation for these individuals and the hardworking you would understand.
 
2014-04-12 10:51:15 AM  

unlikely: They're worse than what we thought the KGB were in the 80s.


Only because the KGB were also worse than you thought they were.
 
2014-04-12 10:51:22 AM  
I couldn't respect them if they hadn't been.

Also, I don't like that ginger guy on Homeland. He weirds me out.
 
2014-04-12 10:53:46 AM  

FunkOut: I couldn't respect them if they hadn't been.

Also, I don't like that ginger guy on Homeland. He weirds me out.


Oh tell me about this. Do the on preaching sister of me.
 
2014-04-12 10:53:49 AM  
They're probably monitoring this thread, RIGHT NOW.
 
2014-04-12 10:55:23 AM  

enry: Can we take all the "Thanks Obama" GIFs and replace then with NSA?

No love lost between me and them but do we really need to think that the NSA really knows everything and is involved tangentially or actively in every nefarious plot out there?


It'd seem paranoid ... except for all the well-documented nefarious plots that we've seen already.

/ if you cry "wolf!" 100 times and there really is a wolf every time, it makes the 101st time seem pretty legit
 
2014-04-12 11:00:09 AM  
Someone brought this up in an earlier thread, but it's a perspective I had never really thought of;

All things aside (which is hard to do, considering basic, fundamental American rights and all), all of that, put aside for just a moment,... What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse. The NSA has spent an untold amount on this.. We don't even get to know.  And for what. Let's assume they know everything... They can't use it. They can't share it. We know for a fact they can't even look through it all.
Can you imagine if they were scientist, ornithologist, say, and went to congress asking for a budget to collect everything imaginable on ivory billed woodpeckers.. An unlimited budget to collect all information on each of them. Each individual bird. How many mites were in their nest, etc.. And they had to promise in their budget to never, ever use the data. To collect more than they had the capability to process. For science, you know...
 
2014-04-12 11:03:35 AM  

sanriosucks: Someone brought this up in an earlier thread, but it's a perspective I had never really thought of;

All things aside (which is hard to do, considering basic, fundamental American rights and all), all of that, put aside for just a moment,... What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse. The NSA has spent an untold amount on this.. We don't even get to know.  And for what. Let's assume they know everything... They can't use it. They can't share it. We know for a fact they can't even look through it all.
Can you imagine if they were scientist, ornithologist, say, and went to congress asking for a budget to collect everything imaginable on ivory billed woodpeckers.. An unlimited budget to collect all information on each of them. Each individual bird. How many mites were in their nest, etc.. And they had to promise in their budget to never, ever use the data. To collect more than they had the capability to process. For science, you know...


Shut up and just trust them, citizen.
 
2014-04-12 11:05:24 AM  

sanriosucks: Someone brought this up in an earlier thread, but it's a perspective I had never really thought of;

All things aside (which is hard to do, considering basic, fundamental American rights and all), all of that, put aside for just a moment,... What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse. The NSA has spent an untold amount on this.. We don't even get to know.  And for what. Let's assume they know everything... They can't use it. They can't share it. We know for a fact they can't even look through it all.
Can you imagine if they were scientist, ornithologist, say, and went to congress asking for a budget to collect everything imaginable on ivory billed woodpeckers.. An unlimited budget to collect all information on each of them. Each individual bird. How many mites were in their nest, etc.. And they had to promise in their budget to never, ever use the data. To collect more than they had the capability to process. For science, you know...


Then they'd be called the National Science Administration?
 
2014-04-12 11:07:11 AM  
Nothing
Sacred
Anymore
 
2014-04-12 11:08:51 AM  
Nah, we can trust two anonymous, unquoted sources saying that the NSA knew about it.  That's just good journalism.
 
2014-04-12 11:15:33 AM  
I don't think they knew about it.  No evidence, just my belief.  I fully believe they would have exploited it.
 
2014-04-12 11:17:10 AM  
What's interesting is that the NSA put out the denial, before the guy finished writing the article.  It was a coinciadink, I'm sure.

/jk
 
2014-04-12 11:18:13 AM  
My understanding is that it just spits out random memory blocks that may or may not be particularly useful. The NSA was installing back doors into hardware and has the ability to track actual phone calls so I don't see how this is particularly useful to them
 
2014-04-12 11:18:30 AM  

jshine: It'd seem paranoid ... except for all the well-documented nefarious plots that we've seen already.


Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices?  For the purposes of this question, do not count read-only use of personal email, Facebook, etc. but otherwise not influencing people's lives as "farked."  Also, I don't really count finding but staying quiet about Heartbleed (even if it allowed ID theft by non-NSA criminals) because it was out in the open for everyone to see; I would however count it if they actively created it, or cases where the NSA used Heartbleed as an avenue to legitimately fark someone.

I think I did hear about at least a few cases where the federal government seems to have silenced or shut down some people and businesses.  I understand that even if it's 1 person, that's 1 too many; and even if it's 0, it's still a serious violation of civil liberties.  So my above question is obviously not the same as asking "Is what the NSA does OK?"

However, I still think it is a valid question for certain practical considerations.  For example, if the number is extremely low, I would rather the NSA were the exploiters of Heartbleed than cybercriminal organizations. Both are bad but only the latter would have practical implications.  Of course it could be both, which is the worst part about the NSA weakening security.
 
2014-04-12 11:19:10 AM  
Personally if I were an American taxpayer I'd be disappointed if the NSA  didn't know about it and wasn't actively exploiting it.  You sort of expect intelligence agencies to be doing this sort of shady stuff as part of their job.
 
2014-04-12 11:20:06 AM  

MNguy: They're probably monitoring this thread, RIGHT NOW.


i.imgur.com
 
2014-04-12 11:21:27 AM  

Yankees Team Gynecologist: jshine: It'd seem paranoid ... except for all the well-documented nefarious plots that we've seen already.

Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices?  For the purposes of this question, do not count read-only use of personal email, Facebook, etc. but otherwise not influencing people's lives as "farked."  Also, I don't really count finding but staying quiet about Heartbleed (even if it allowed ID theft by non-NSA criminals) because it was out in the open for everyone to see; I would however count it if they actively created it, or cases where the NSA used Heartbleed as an avenue to legitimately fark someone.

I think I did hear about at least a few cases where the federal government seems to have silenced or shut down some people and businesses.  I understand that even if it's 1 person, that's 1 too many; and even if it's 0, it's still a serious violation of civil liberties.  So my above question is obviously not the same as asking "Is what the NSA does OK?"

However, I still think it is a valid question for certain practical considerations.  For example, if the number is extremely low, I would rather the NSA were the exploiters of Heartbleed than cybercriminal organizations. Both are bad but only the latter would have practical implications.  Of course it could be both, which is the worst part about the NSA weakening security.




Hush, nuance and careful consideration of verifiable facts have no place here, begone!
 
2014-04-12 11:23:49 AM  

Doktor_Zhivago: My understanding is that it just spits out random memory blocks that may or may not be particularly useful. The NSA was installing back doors into hardware and has the ability to track actual phone calls so I don't see how this is particularly useful to them


You men eat your dinner
Eat your pork and beans
 
2014-04-12 11:25:56 AM  
realistically, its doubtful this was the NSA's doing. have they taken advantage of it? maybe. plan it? meh, this seems more like the sort of lazy coding that you see every day than a super secret plot
 
2014-04-12 11:27:55 AM  

Doktor_Zhivago: My understanding is that it just spits out random memory blocks that may or may not be particularly useful. The NSA was installing back doors into hardware and has the ability to track actual phone calls so I don't see how this is particularly useful to them


yeah, thats the other point about this- the NSA was paying millions of dollars for backdoors in RSA and other security firms. if they *were* going to do this, why did they do such a crap job?
 
2014-04-12 11:28:08 AM  
This NSA/CIA crap is all fun and games until Darrel Issa becomes President.  Like the Bush administration said during the run-up to Iraq, "If you're not for this war, then you're supporting the terrorists."
Shortly thereafter, the Patriot Act became law and that made anyone deemed by the Executive to be a terrorist or a supporter of terrorism subject to Patriot Act provisions--pretty much everything available up to and including death without trial.

I'm pretty sure we will have President's that don't have an entirely benevolent nature and may, from time to time, treat political opponents badly to the full extent of the law and beyond.  Since the full extent of the law allows drone attacks on your house if the Executive wants it, I'm a little concerned about where all this may end up.  Because I once wrote on the internets that I thought Darell Issa sucks donkey balls and a few other statements that may not be considered complementary.  He might burn my house and steal my car just because NSA/CIA could accurately discern my absolute disgust of the man.  He would probably also fark my chickens because that is his MO.  Please think of the chickens.
 
2014-04-12 11:38:18 AM  

sanriosucks: What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse.


I prefer the term feckless imbroglio.
 
2014-04-12 11:39:40 AM  
See, you can fool most of the people most of the time.
 
2014-04-12 11:41:49 AM  

Yankees Team Gynecologist: Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices?


I don't know - how do you count all the people that have self-censored themselves in their email, phone, and/or other online communications?
 
2014-04-12 11:47:18 AM  

meow said the dog: I am sensing the sarcasm from the submission headline of this but do not think that is the appropriate thing. I do have the trust of the NSA. In fact I will say this to you I believe that the NSA is perhaps the most upstanding of all of the agencies of the government. Oh you will say BUT OM MAGOODNESS THEY ARE DOING THE SPYING. What do you have for hiding from they? What do you do to cause the fear of you from they who are not wishing to cause the fear of you but instead are hoping to reduce the fear of you by preventing the terrorism.

Maybe if you had the appreciation for these individuals and the hardworking you would understand.


8/10, but you lost 2 points for saying the NSA is upstanding.
 
2014-04-12 11:47:46 AM  
To the NSA.
Once a liar, never to be trusted again.
 
2014-04-12 11:48:56 AM  

pdkl95: Yankees Team Gynecologist: Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices?

I don't know - how do you count all the people that have self-censored themselves in their email, phone, and/or other online communications?


Personally no, but that's open to discussion.
 
2014-04-12 11:51:41 AM  
No
Such
Agency
 
2014-04-12 11:54:06 AM  
Who can we believe?  The techno-blogger with his military surplus jacket and Che posters blaring Skrillex as he writes informative essays on message boards and Wordpress sites.  Get with the program people!
 
2014-04-12 11:58:40 AM  
 
2014-04-12 12:07:53 PM  

Yankees Team Gynecologist: pdkl95: Yankees Team Gynecologist: Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices?

I don't know - how do you count all the people that have self-censored themselves in their email, phone, and/or other online communications?

Personally no, but that's open to discussion.


Well, it's at least 1 in 6 writers. We should add in all the people in jail that were not told the proper source of the "evidence" against them (probably because of parallel construction)

sanriosucks: What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse.


Oh, and jokes aside, for the big story on "waste" and military-industrial-complex profits at the NSA, you should read this letter by former NSA agents William Binney, Thomas Drake, Edward Loomis, and J. Kirk Wiebe. In it, they describe what I believe is the "missing piece" that fully explains the NSA's motive behind all this mess.
 
2014-04-12 12:19:18 PM  

Yankees Team Gynecologist: jshine: It'd seem paranoid ... except for all the well-documented nefarious plots that we've seen already.

Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices?  For the purposes of this question, do not count read-only use of personal email, Facebook, etc. but otherwise not influencing people's lives as "farked."  Also, I don't really count finding but staying quiet about Heartbleed (even if it allowed ID theft by non-NSA criminals) because it was out in the open for everyone to see; I would however count it if they actively created it, or cases where the NSA used Heartbleed as an avenue to legitimately fark someone.

I think I did hear about at least a few cases where the federal government seems to have silenced or shut down some people and businesses.  I understand that even if it's 1 person, that's 1 too many; and even if it's 0, it's still a serious violation of civil liberties.  So my above question is obviously not the same as asking "Is what the NSA does OK?"

However, I still think it is a valid question for certain practical considerations.  For example, if the number is extremely low, I would rather the NSA were the exploiters of Heartbleed than cybercriminal organizations. Both are bad but only the latter would have practical implications.  Of course it could be both, which is the worst part about the NSA weakening security.


I'd rather the guy who can get away with murder be my friend too.
 
2014-04-12 12:24:15 PM  

MNguy: They're probably monitoring this thread, RIGHT NOW.


Monitoring.....more like POSTING!!!
 
2014-04-12 12:25:58 PM  

Doktor_Zhivago: My understanding is that it just spits out random memory blocks that may or may not be particularly useful. The NSA was installing back doors into hardware and has the ability to track actual phone calls so I don't see how this is particularly useful to them


That's what they are counting on, citizen.
 
2014-04-12 12:27:19 PM  

kqc7011: To the NSA.
Once a liar, never to be trusted again.


img.fark.net



Considering Americas history in the intelligence business, its amazing that anyone would have trusted the NSA to begin with.
I mean, our government is seriously farked up when it comes to this. Nothing good is going to happen.

/great book, btw.
/its like reading about the keystone cops.
/only more sad, tragic, and infuriating.
 
2014-04-12 12:27:25 PM  
Heartbleed sounds just like one of the other tapping programs te NSA is already running.
 
2014-04-12 12:27:35 PM  

Doktor_Zhivago: My understanding is that it just spits out random memory blocks that may or may not be particularly useful. The NSA was installing back doors into hardware and has the ability to track actual phone calls so I don't see how this is particularly useful to them


What's faster: cracking folks passwords OR just monitoring them while they change them.

Hint: the latter.
 
2014-04-12 12:30:37 PM  

pdkl95: Well, it's at least 1 in 6 writers. We should add in all the people in jail that were not told the proper source of the "evidence" against them (probably because of parallel construction)


I'm looking for a "body" count so to speak (not literal deaths, but persons hassled/persecuted).  I understand that granting law enforcement this access opens the door to all kinds of abuses, so I'm interested in hearing the actual horror stories.  Note that I'm not saying that I think it's low--I'm interested in whatever the result is, high, low, or anything in between.  I don't see a lot of these specific stories around, but that could just mean they're not easy to document.
 
2014-04-12 12:32:21 PM  

Yankees Team Gynecologist: I think I did hear about at least a few cases where the federal government seems to have silenced or shut down some people and businesses.


Like, everyone is wondering about Silkroad: https://pay.reddit.com/r/TOR/comments/22qunq/just_how_vulnerable_was_ t or_to_heartbleed/
 
2014-04-12 12:34:30 PM  

fark'emfeed'emfish: I'd rather the guy who can get away with murder be my friend too.


Even under your ill-fitting analogy, that's wrong--you should probably rather spend time with the guy who can't get away with it, since there would be something holding him back from murdering you.

I know you were trying to say whom you would rather have as an ally, which is why the analogy doesn't work because this situation inherently only involves adversarial parties.
 
2014-04-12 12:36:52 PM  

styckx: [i.imgur.com image 400x264]


i0.kym-cdn.com
 
2014-04-12 12:38:10 PM  

Hastor: Nah, we can trust two anonymous, unquoted sources saying that the NSA knew about it.  That's just good journalism.


I agree that it doesn't meet the standards of what 'real' journalism should be, but honestly, if you were the source, would allow yourself to be quoted or named?

Not for all the asylum in Russia, if you ask me.
 
2014-04-12 12:43:27 PM  

Rand's lacy underwear: Yankees Team Gynecologist: I think I did hear about at least a few cases where the federal government seems to have silenced or shut down some people and businesses.

Like, everyone is wondering about Silkroad: https://pay.reddit.com/r/TOR/comments/22qunq/just_how_vulnerable_was_ t or_to_heartbleed/


That opens the question to how effective the initial tests for patches have been, since there are a lot of "nodes" on the internet.  Sure, gmail.com, yahoo.com, or bankofamerica.com may be fixed, but don't a lot of these places also implement some kind of third-party B2B back-end processing with names like virtualaccountservice or something with "cdn" in it?  So there's the question of whether those servers are patched, not to mention the actual hardware routers and switches.
 
2014-04-12 12:47:28 PM  

enry: Can we take all the "Thanks Obama" GIFs and replace then with NSA?

No love lost between me and them but do we really need to think that the NSA really knows everything and is involved tangentially or actively in every nefarious plot out there?



Is it weird that I was thinking the exact same thing as soon as I read the headline.
 
2014-04-12 12:52:39 PM  

MNguy: They're probably monitoring this thread, RIGHT NOW.


Paging lasershurt , paging lasershurt please make your presence known

We have a couple residents LH is one can't remember handles of others
 
2014-04-12 12:53:33 PM  
all versions of SSL and versions of TLS less than 1.1 have been vulnerable for a long time, and it wasn't a secret. It could even be compromised by crafted JavaScript.
 
Displayed 50 of 68 comments

First | « | 1 | 2 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report