As it stands has a programming error made sure that the NSA has a backdoor had two years on servers with OpenSSL and this has also used. The fact that the catastrophic vulnerability was not a deliberate backdoor, but simply a programming error, also said the ex-professor of Robin Seggelmann (caused the error) today in the . on the use of space by the NSA.
For at least two years the bug in the NSA should have been known. It was decided to keep the gap secret to himself to have access to data. This allowed passwords and other sensitive data are tapped. Now criticism is loud, the Heartbleed bug affects approximately two thirds of all websites. Users were before the public discovery exposed to the risk of being spied on by other intelligence agencies or criminal hackers.
Intelligence agencies invest huge sums to find vulnerabilities. Especially popular open source protocols, as in this case OpenSSL. Open source code is usually maintained by a small group, while the NSA has more than 1,000 experts in the field to discover gaps.
What the NSA then does with the gaps, is weighed. How great is the risk to users, how big of a benefit for the NSA. So it is then simply that such a gap is exploited without informing others. From the perspective of the NSA Heartbleed bug may have been a real godsend.
Unfortunately, this message is no longer surprising if you get a little look back at what the NSA has for so opportunities to listen to everything and everyone. While the benefits of total surveillance is still in question, it’s pretty ruthless, so take advantage of an error, rather than to provide a bit more security in the network.