Why didn't Snowden disclose Heartbleed (and others)?
Cypher
cypher at cpunk.us
Tue Apr 15 12:11:02 PDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 04/15/2014 11:16 AM, Lodewijk andré de la porte wrote:
> Exhaustive list of possibilities (please extend where possible): A
> Did not know B Did not care C Felt like it would negatively impact
> the NSA's (legitimate) functioning D Didn't get around to it yet E
> Snowden is an unconventional NSA set up F Snowden's documents are
> not recent enough
Personally, I'm going with D but with some caveats. Snowden has long
preached the 'encryption works but the endpoints are so weak that it
often doesn't matter'. I've always read this as 'encryption works when
it's done right. And it's almost never done right'. This might have
been a hint about Heartbleed, but I doubt it. I don't see Snowden as
the type of man who'd put the entire world's security at risk just in
the interests of US National Security.
This is why I've long been an advocate of total disclosure. I think
the document holders should publish everything they have. After they
do that, they could continue to 'leak release' documents with detailed
explanations for those who are too lazy or too confused by the
documents to sift through them and read them but having a document
dump out there would make the process of disclosure /much/ faster. And
it would freak the NSA out - a happy plus. I say fuck national
security. These guys are burning down the entire world just to further
their agenda. They deserve no consideration, even if it does put them
at a disadvantage.
Me
- --
Want to communicate with me privately?
Find my PGP public key here:
http://pgp.mit.edu/pks/lookup?op=get&search=0x5BAEB5B2FA26826B
Fingerprint: 6728 40CE 35EE 0BF3 2E15 C7CC 5BAE B5B2 FA26 826B
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCgAGBQJTTYRGAAoJEFuutbL6JoJrQq8P/ibFbU9oBLG0NPY4EQYUDWNu
EkCwnF85wx6HIteAxMaRYRyG9JHzNuXIE27/0+jcgStB3zz9Qis7LXvMOziH485x
Rc0vJshsvseuInSaPDfR91Infy0KDpvuSgCSFib1ZnmGFaKrBtNE0cciAnrb3+La
0CoG6wMiyS1RuTJnb48y3Jr2cqsswXcl/6CkgU9hLsjGcTucoUv0tRa1IBJslv4s
JxWS0KE0ww/pwF32LCRD1LQIDMScbtgD5vZtZrxUc2FmgFubOPzbXVQ4/IU9tmTA
+8pHNBQfXY0OQ2WpraMNyjHSMfeZtEd6xgWOhekCM3ARhwPLlA9AZV3IDWcHWv//
kappxWfL2J1quycc/ujGkQlIvGG7xLFen5fkRL5cz+I6E99uaR5Om/HF2qNsvudB
bHThid3RS9AK07sm8HDBjOj9FVFA5XMFwwPamBf9UQjQllfm7RycAMczgc5tyYx6
FHojMzvRRbc6kXT4eWbWjWwC/dug8u7dcjKrvpfJh15v2JTHOmwU0ww36/Ib3gBu
5CKDqz+w5KI5cUDWaKZ8FmNuAZs0d0K9crCHQoPwQxGAsoxVzoQvxhDyDZ3tXVxS
CPb/wr08M+oBdWYAM9FVNQRmQfynkXGcximSQr76yNHKXEbiL97U7gh9uWwcJZSX
GIbXR2xNqQocEXnfKHAJ
=yzRN
-----END PGP SIGNATURE-----
More information about the cypherpunks
mailing list