Loophole allows the NSA to exploit internet security risks

  By now most people have probably heard about the heartbleed bug internet security risk. Yesterday America’s Watchtower covered a report that the NSA has actually known about the heartbleed bug and had been exploiting it for two years.

  The NSA is denying this claim but now a story in the New York Times is claiming that Barack Obama granted a loophole which would allow the NSA to exploit such bugs rather than report them so they could be immediately closed.

Stepping into a heated debate within the nation’s intelligence agencies, President Obama has decided that when the National Security Agency discovers major flaws in Internet security, it should — in most circumstances — reveal them to assure that they will be fixed, rather than keep mum so that the flaws can be used in espionage or cyberattacks, senior administration officials said Saturday.

But Mr. Obama carved a broad exception for “a clear national security or law enforcement need,” the officials said, a loophole that is likely to allow the N.S.A. to continue to exploit security flaws both to crack encryption on the Internet and to design cyberweapons.

  Here is more:

Caitlin Hayden, the spokeswoman for the National Security Council, said the review of the recommendations was now complete, and it had resulted in a “reinvigorated” process to weigh the value of disclosure when a security flaw is discovered, against the value of keeping the discovery secret for later use by the intelligence community.

  But could there be another reason for keeping the security risks open? If the government is keeping some security risks open for the  purpose of national defense might they not also need a means by which they can quickly shut everything down in the event of an imminent attack–an attack which might not be imminent if the government disclosed the risk in the first place?

  In case you have not guessed–I am talking about the internet kill switch Barack Obama so desperately wants.