(Photo: Greenwald arriving at JFK airport in New York. John Minchillo / AP)
So Glenn Greenwald returned to the United States today to receive a Polk Award for his Edward Snowden scoop, and, shocker, he was neither arrested nor droned. The only question that remains is whether the president will use weather weapons to disrupt the award ceremony. And we certainly hope Glenn employs Snowden’s OPSEC soy sauce dribblings to thwart any break-ins at his hotel.
Meanwhile, Bloomberg reported today that NSA is “said to have” exploited the Heartbleed flaw in OpenSSL encryption.
If your eyes glazed over and you considered clicking over to Chez’s post about Colbert while reading that last sentence, I don’t blame you. If you didn’t, stick with me here.
Heartbleed was a vulnerability in a popular form of data encryption, known as OpenSSL, which is used to securely shuttle data around the internet. The Bloomberg article, titled “NSA Said to Exploit Heartbleed Bug for Intelligence for Years,” written by Michael Riley, cites “two people familiar with the matter” as its source. The article doesn’t say whether the sources are NSA or just a couple of nerds he met at a bar.
Furthermore, and contrary to this headline at the Booman Tribune (full disclosure, I consider Booman a friend), there’s no evidence in the article or otherwise to suggest that NSA used the opening to steal your data or to spy on you, with or without warrants, court orders, drones, or the Hamburglar.
Yet everyone is heralding this article as being a major trespass against civil liberties and [insert sanctimonious preaching here]. Now sure, I get it, if NSA knew about Heartbleed a long time ago and didn’t bother to inform OpenSSL users, that’d make NSA somewhat complicit if the bug had been used for a cyber attack, since NSA is, among other things, tasked with cyber security. But again, the substance of the article doesn’t prove anything.
So the 24-Hour Rule is in effect here. And holy hell, why am I not surprised by the sheer volume of people who uncritically believe everything they read?
Hm…NSA and WH shoot down NSA/Heartbleed rept. NSA: "NSA was not aware of the recently identified vulnerability…until it was made public"
— Siobhan Gorman (@Gorman_Siobhan) April 11, 2014