The US National Security Agency has denied it knew about or exploited the Heartbleed online security flaw.

The denial came after a Bloomberg News report alleging the NSA used the flaw in OpenSSL to harvest data.

OpenSSL is online-data scrambling software used to protect data such as passwords sent online.

Last year, NSA leaker Edward Snowden claimed the organisation deliberately introduced vulnerabilities to security software.The denial came after a Bloomberg News report alleging the NSA used the flaw in OpenSSL to harvest data.

OpenSSL is online-data scrambling software used to protect data such as passwords sent online.

Last year, NSA leaker Edward Snowden claimed the organisation deliberately introduced vulnerabilities to security software.

“[The] NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cyber security report,” NSA spokeswoman Vanee Vines said in an email, adding that “reports that say otherwise are wrong.”

A White House official also denied the US government was aware of the bug.

Heartbleed logo
“Reports that NSA or any other part of the government were aware of the so-called Heartbleed vulnerability before April 2014 are wrong,” White House national security spokeswoman Caitlin Hayden said in a statement.

Read the Full Article: Source – BBC News
http://www.bbc.com/news/technology-27004713#sa-ns_mchannel=rss&ns_source=PublicRSS20-sa

source not found