Barack Obama is said to have left a big loophole in a directive telling the american national security and law enforcement communities to disclosure vulnerabilities they find in software. This directive is supposed to open an exception for “a clear national security or law enforcement need.” – that the NSA sees in each opportunity they have to snoop at anyone.
The White House have not said anything on all this incident, but NSA is reported to being using the just patch heartbleed vulnerability for two years, without ever reporting it, but also using security flaws in industrial controllers, anti-virus, heating and cooling systems, conference systems and a lot more.
At this point, if it is not clear to everyone, it surely should be, we can’t count with the american government to help make the internet more secure.
The question not asked yet is: How many of the american government websites were vulnerable to be exploited by terrorists and other governments because NSA failed to report this vulnerability? How much confidential and secret information was leaked this way from the american government and their allies? How much more will be leaked because the NSA wants to keep snooping on people who just want to check their bank account safely?
See more at the naked security website.