Friendly forums for passionate Dems!
More than 91 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»Issue Forums»National Security & Defense»A Question about the Hear...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

National Security & Defense

Related: About this forum

unhappycamper

(60,364 posts) Fri Apr 11, 2014, 06:41 AM Apr 2014

A Question about the Heartbleed Bug

We've all seen stories over the last few days about the Heartbleed bug being around since 2011, e.g. http://tinyurl.com/qjn3esb .

My question: Since this bug has been around since 2011 AND NSA has been sucking down all communications in the United States why didn't the NSA warn the public about Heartbleed?

InfoView thread info, including edit history TrashPut this thread in your Trash Can (My DU » Trash Can) BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks) 3 replies, 829 views
ShareGet links to this post and/or share on social media AlertAlert this post for a rule violation PowersThere are no powers you can use on this post EditCannot edit other people's posts ReplyReply to this post EditCannot edit other people's posts Rec (1) ReplyReply to this post
3 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
A Question about the Heartbleed Bug (Original Post) unhappycamper Apr 2014 OP
They put it there. ret5hd Apr 2014 #1
Perhaps. bemildred Apr 2014 #2
It is well known who originated the heartbleed vulnerability... PosterChild Apr 2014 #3

bemildred

(90,061 posts)
2. Perhaps.
Reply to ret5hd (Reply #1)
Fri Apr 11, 2014, 07:51 AM
Apr 2014

Although to be fair, from what I can glean from reports, it's some sort of bounds checking problem, hence a typical error of the inexperienced and hurried, but most modern compilers will warn you about that sort of thing, if you turn the warnings on, and in a piece of code like this it is inexcusable. Hence, NSA sounds like a reasonable provenance for it.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

PosterChild

(1,307 posts)
3. It is well known who originated the heartbleed vulnerability...
Reply to unhappycamper (Original post)
Sat Apr 12, 2014, 02:43 PM
Apr 2014

... since it is part of an open-source, publicly distributed code base. It does not seem to have been introduced deliberately, its a bug and its security implications were not publicly understood until Tuesday, when the researchers who discovered it made it public.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
Reply to this discussion
Latest Discussions»Issue Forums»National Security & Defense»A Question about the Hear...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2024 Democratic Underground, LLC. Thank you for visiting.