Yes, our National Security Agency doesn't give a damn about your security online. They knew about the infamous Heartbleed bug that exposed users passwords and other sensitive information to hackers at websites around the world, and used it to data mine your information and probably mine, too, rather than shut threat to our private information down.
The U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said. [...]Way to go NSA! Thanks for all your hard work protecting America! NOT. Can we all agree now that the Watchmen need to be disbanded? Or at least get knocked down about 1000 pegs? And how about firing whoever authorized this bulls***? I am just effing flabbergasted. I know I shouldn't be after all the disclosures that have come to light, but damn, really? Allowing internet criminals and other nations' security forces to steal our private information (financial and otherwise), passwords, etc, all in the name of what? Certainly not "our" national security, unless that term means something entirely different to the NSA than it does to Joe and Jane Average American citizen.
Putting the Heartbleed bug in its arsenal, the NSA was able to obtain passwords and other basic data that are the building blocks of the sophisticated hacking operations at the core of its mission, but at a cost. Millions of ordinary users were left vulnerable to attack from other nations’ intelligence arms and criminal hackers.
“It flies in the face of the agency’s comments that defense comes first,” said Jason Healey, director of the cyber statecraft initiative at the Atlantic Council and a former Air Force cyber officer. “They are going to be completely shredded by the computer security community for this.” [...]
The NSA and other elite intelligence agencies devote millions of dollars to hunt for common software flaws that are critical to stealing data from secure computers. Open-source protocols like OpenSSL, where the flaw was found, are primary targets. [...]
[T]he NSA has more than 1,000 experts devoted to ferreting out such flaws using sophisticated analysis techniques, many of them classified. The agency found the Heartbleed glitch shortly after its introduction, according to one of the people familiar with the matter, and it became a basic part of the agency’s toolkit for stealing account passwords and other common tasks.