
(Huffington Post) About those breathless news reports about the NSA knowing about Heartbleed for two years and taking advantage of it? The NSA says that's not true at all, and if we can't believe the NSA, who can we believe? (huffingtonpost.com)
    More: Followup, NSA, Heartbleed, news, Kim Zetter, private keys, Director of National Intelligence, credit card numbers, SSL  

1892 clicks; posted to Main on 12 Apr 2014 at 10:44 AM (23 weeks ago)



Voting Results (Smartest)

2014-04-12 09:53:21 AM
3 votes:
Can we take all the "Thanks Obama" GIFs and replace them with NSA?

No love lost between me and them but do we really need to think that the NSA really knows everything and is involved tangentially or actively in every nefarious plot out there?
2014-04-12 01:19:13 PM
1 votes:

Yankees Team Gynecologist: pdkl95: Well, it's at least 1 in 6 writers. We should add in all the people in jail that were not told the proper source of the "evidence" against them (probably because of parallel construction)

I'm looking for a "body" count so to speak (not literal deaths, but persons hassled/persecuted).  I understand that granting law enforcement this access opens the door to all kinds of abuses, so I'm interested in hearing the actual horror stories.  Note that I'm not saying that I think it's low--I'm interested in whatever the result is, high, low, or anything in between.  I don't see a lot of these specific stories around, but that could just mean they're not easy to document.


That's the thing about these kinds of abuses: the part we (the public) get to see is likely only a tiny part of what goes on, and we often have to dig through layers of indirection to find it.

As for hassled/persecuted, if you haven't yet done so, you should read the link I gave up above by Binney/Drake/etc. Specifically, Thomas Drake's story, which you can also hear him tell in his own words at this talk at 29C3 (I've linked to Drake's talk, but Radack's and Binney's talks in that video are also worth watching).
2014-04-12 12:43:27 PM
1 votes:

Rand's lacy underwear: Yankees Team Gynecologist: I think I did hear about at least a few cases where the federal government seems to have silenced or shut down some people and businesses.

Like, everyone is wondering about Silkroad: https://pay.reddit.com/r/TOR/comments/22qunq/just_how_vulnerable_was_tor_to_heartbleed/


That opens the question to how effective the initial tests for patches have been, since there are a lot of "nodes" on the internet.  Sure, gmail.com, yahoo.com, or bankofamerica.com may be fixed, but don't a lot of these places also implement some kind of third-party B2B back-end processing with names like virtualaccountservice or something with "cdn" in it?  So there's the question of whether those servers are patched, not to mention the actual hardware routers and switches.
2014-04-12 12:36:52 PM
1 votes:

styckx: [i.imgur.com image 400x264]


[i0.kym-cdn.com image]
2014-04-12 12:07:53 PM
1 votes:

Yankees Team Gynecologist: pdkl95: Yankees Team Gynecologist: Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices?

I don't know - how do you count all the people that have self-censored themselves in their email, phone, and/or other online communications?

Personally no, but that's open to discussion.


Well, it's at least 1 in 6 writers. We should add in all the people in jail that were not told the proper source of the "evidence" against them (probably because of parallel construction)

sanriosucks: What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse.


Oh, and jokes aside, for the big story on "waste" and military-industrial-complex profits at the NSA, you should read this letter by former NSA agents William Binney, Thomas Drake, Edward Loomis, and J. Kirk Wiebe. In it, they describe what I believe is the "missing piece" that fully explains the NSA's motive behind all this mess.
2014-04-12 11:23:49 AM
1 votes:

Doktor_Zhivago: My understanding is that it just spits out random memory blocks that may or may not be particularly useful. The NSA was installing back doors into hardware and has the ability to track actual phone calls so I don't see how this is particularly useful to them


You men eat your dinner
Eat your pork and beans
2014-04-12 11:20:06 AM
1 votes:

MNguy: They're probably monitoring this thread, RIGHT NOW.


[i.imgur.com image]
2014-04-12 11:19:10 AM
1 votes:
Personally if I were an American taxpayer I'd be disappointed if the NSA  didn't know about it and wasn't actively exploiting it.  You sort of expect intelligence agencies to be doing this sort of shady stuff as part of their job.
2014-04-12 11:18:30 AM
1 votes:

jshine: It'd seem paranoid ... except for all the well-documented nefarious plots that we've seen already.


Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices?  For the purposes of this question, do not count read-only use of personal email, Facebook, etc. but otherwise not influencing people's lives as "farked."  Also, I don't really count finding but staying quiet about Heartbleed (even if it allowed ID theft by non-NSA criminals) because it was out in the open for everyone to see; I would however count it if they actively created it, or cases where the NSA used Heartbleed as an avenue to legitimately fark someone.

I think I did hear about at least a few cases where the federal government seems to have silenced or shut down some people and businesses.  I understand that even if it's 1 person, that's 1 too many; and even if it's 0, it's still a serious violation of civil liberties.  So my above question is obviously not the same as asking "Is what the NSA does OK?"

However, I still think it is a valid question for certain practical considerations.  For example, if the number is extremely low, I would rather the NSA were the exploiters of Heartbleed than cybercriminal organizations. Both are bad but only the latter would have practical implications.  Of course it could be both, which is the worst part about the NSA weakening security.
2014-04-12 11:07:11 AM
1 votes:
Nothing
Sacred
Anymore
2014-04-12 11:03:35 AM
1 votes:

sanriosucks: Someone brought this up in an earlier thread, but it's a perspective I had never really thought of;

All things aside (which is hard to do, considering basic, fundamental American rights and all), all of that, put aside for just a moment,... What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse. The NSA has spent an untold amount on this.. We don't even get to know.  And for what. Let's assume they know everything... They can't use it. They can't share it. We know for a fact they can't even look through it all.
Can you imagine if they were scientists, ornithologists, say, and went to Congress asking for a budget to collect everything imaginable on ivory-billed woodpeckers.. An unlimited budget to collect all information on each of them. Each individual bird. How many mites were in their nest, etc.. And they had to promise in their budget to never, ever use the data. To collect more than they had the capability to process. For science, you know...


Shut up and just trust them, citizen.
2014-04-12 11:00:09 AM
1 votes:
Someone brought this up in an earlier thread, but it's a perspective I had never really thought of;

All things aside (which is hard to do, considering basic, fundamental American rights and all), all of that, put aside for just a moment,... What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse. The NSA has spent an untold amount on this.. We don't even get to know.  And for what. Let's assume they know everything... They can't use it. They can't share it. We know for a fact they can't even look through it all.
Can you imagine if they were scientists, ornithologists, say, and went to Congress asking for a budget to collect everything imaginable on ivory-billed woodpeckers.. An unlimited budget to collect all information on each of them. Each individual bird. How many mites were in their nest, etc.. And they had to promise in their budget to never, ever use the data. To collect more than they had the capability to process. For science, you know...
2014-04-12 10:55:23 AM
1 votes:

enry: Can we take all the "Thanks Obama" GIFs and replace them with NSA?

No love lost between me and them but do we really need to think that the NSA really knows everything and is involved tangentially or actively in every nefarious plot out there?


It'd seem paranoid ... except for all the well-documented nefarious plots that we've seen already.

/ if you cry "wolf!" 100 times and there really is a wolf every time, it makes the 101st time seem pretty legit
2014-04-12 10:53:49 AM
1 votes:
They're probably monitoring this thread, RIGHT NOW.
2014-04-12 10:51:15 AM
1 votes:

unlikely: They're worse than what we thought the KGB were in the 80s.


Only because the KGB were also worse than you thought they were.
2014-04-12 09:08:49 AM
1 votes:
They're worse than what we thought the KGB were in the 80s.
 