david wong

Hey! I'm David, cofounder of zkSecurity and the author of the Real-World Cryptography book. I was previously a crypto architect at O(1) Labs (working on the Mina cryptocurrency), before that I was the security lead for Diem (formerly Libra) at Novi (Facebook), and a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

NSA was not aware of the Heartbleed bug posted April 2014

NSA is not happy. NSA is tweeting, tumblring (is this a verb?) and shouting loud and for all of who wants to hear it : they didn't know about the Heartbleed bug.

by the way they're talking about a "zero day" vulnerability, and now is a good time to learn what it is:

a so-called “Zero day” vulnerability because the developers of the vulnerable software have had zero days to fix it

I'm akin to trust them since... well. So many US websites were using OpenSSL and... it's not really nice if someone else eavesdrop on american citizen...

Anyway, this shows that the NSA has a long way to build trust again.

Well done! You've reached the end of my post. Now you can leave a comment or read something else.

Comments

leave a comment...