SoylentNews

c0lo [soylentnews.org] writes:

NY Times reports [nytimes.com] senior administration officials said Saturday (2014/04/12) that Obama has decided in Jan that NSA should reveal major flaws in Internet security when they discover rather than keep mum so that the flaws can be used in espionage or cyberattacks. The attached string: this has to be done in most circumstances

The broad exception that was carved: "a clear national security or law enforcement need" may warrant NSA keeping silence about it.
The White House has never publicly detailed Obama's decision, but elements of it became evident on Friday, when the White House denied that it had any prior knowledge of the Heartbleed bug, the Internet security hole that sent Americans scrambling last week to change their online passwords.

Not surprisingly, officials at the NSA and at its military partner, the United States Cyber Command, warned that giving up the capability to exploit undisclosed vulnerabilities would amount to "unilateral disarmament" — a phrase taken from the battles over whether and how far to cut America's nuclear arsenal.

Rhetorical question: how much the government and citizens interests must diverge before it is clear something is so broken it needs replaced?

---

Original Submission