NSA isn’t required to report all security flaws
N

With the Heartbleed bug causing havoc and Dropbox users jumping ship it’s been another week in which data security and privacy have been making headlines. Now the New York Times has shed light on the NSA’s responsibilities when it comes to security flaws like Heartbleed: The Agency must report any vulnerabilities that it finds, unless there is “a clear national security or law enforcement need” to keep it hidden.

Stepping into a heated debate within the nation’s intelligence agencies, President Obama has decided that when the National Security Agency discovers major flaws in Internet security, it should — in most circumstances — reveal them to assure that they will be fixed, rather than keep mum so that the flaws can be used in espionage or cyberattacks, senior administration officials said Saturday. But Mr. Obama carved a broad exception for “a clear national security or law enforcement need,” the officials said, a loophole that is likely to allow the N.S.A. to continue to exploit security flaws both to crack encryption on the Internet and to design cyberweapons.

NOTE: TECHi Two-Takes are the stories we have chosen from the web along with little bit of our opinion in a paragraph. Please check the original story in the Source Button below.

Interested in TECHi Feed RSS?

Get the latest insights, tips, and updates on revolutionizing your workspace to your inbox.

Popular This Week