[[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]

Scott Weeks surfer at mauigateway.com
Fri Apr 11 23:36:38 UTC 2014

--- mpalmer at hezmatt.org wrote:
From: Matt Palmer <mpalmer at hezmatt.org>

The interesting thing to me is that the article claims the NSA have been
using this for "over two years", but 1.0.1 (the first vulnerable version)
was only released on 14 Mar 2012.  That means that either:

 * The NSA put it in there (still a bridge too far for me to believe without
   further evidence, although I can certainly understand why people could
   believe it) and hence were using it from day 1;

Why is a mole in the IETF subverting things hard to believe? ;-)


More information about the NANOG mailing list