Heartbleed bug exposes massive number of Chinese websites to NSA spying
Arthur Dominic Villasanta | | Apr 13, 2014 11:17 PM EDT |
The US National Security Administration (NSA) has been aware of the "Heartbleed" bug for over two years and has been exploiting the bug to carry out undetectable spying on US strategic competitors, including China.
Major US media organizations such as Bloomberg have reported that the NSA has been aware of and actively exploiting the Heartbleed bug for at least two full years, citing sources familiar with the incident.
Like Us on Facebook
The NSA, however, said in a Twitter post it was not aware of the recently identified Heartbleed vulnerability until it was made public.
Security analysts said the new allegations against the NSA will add to the woes faced by the much maligned agency, which is still struggling with the damaging and negative publicity generated by Edward Snowden's revelations.
Snowden last year revealed that the super secret NSA can easily defeat many of today's encryption technologies, and that the supposedly safe Secure Socket Layer or SSL protocol was a favorite target for the NSA.
Last week's astonishing revelation that a small error in the open-source OpenSSL implementation of the SSL encryption protocol, called Heartbleed, opened a huge hole in the security million of websites worldwide and has raised fears of NSA snooping. Those fears seem to have been confirmed by the latest exposés.
Heartbleed exposed to hackers passwords from supposedly secure sites protected by HTTPS. It has given cyber-criminals the chance to steal private user information such as credit card numbers, usernames and passwords, said security analysts.
Heartbleed was discovered two weeks ago and disclosed only last April 7. It has caused several websites to advise users to change their passwords.
"The little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit," said Tumblr in a warning to its users.
"It is catastrophically bad, just a hugely damaging bug," said International Computer Science Institute security researcher Nicholas Weaver.
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
-
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?