

How the NSA shot itself in the foot by denying prior knowledge of Heartbleed - anigbrowl
http://www.zdnet.com/institutional-failure-led-to-nsa-missing-the-heartbleed-flaw-7000028366/

======
higherpurpose
tl;dr NSA is either lying (they _knew_ about it, and didn't tell anyone,
therefore failing their mission to "protect America"), or NSA is incompetent,
and in 2 years they couldn't find this massive vulnerability, even though they
have thousands of security researchers, spend billions of dollars, and OpenSSL
_should_ be a huge target for them - therefore also failing their mission to
"protect America".

So far NSA has pleaded incompetence.

~~~
Zigurd
Such a self-inflicted wound would not be so deep had they not torpedoed their
own credibility so thoroughly beforehand: "It was the "least untruthful..."

So there you have the DNI lying before congress, and his General Counsel, in a
letter to the New York Times
[http://www.nytimes.com/2014/01/04/opinion/testimony-of-
the-n...](http://www.nytimes.com/2014/01/04/opinion/testimony-of-the-national-
intelligence-director.html?ref=jamesrclapperjr&_r=1) claiming that the reality
in Clapper's mind should the basis for judging his truthfulness. It really
can't get any better.

