But Snowden also warned that crypto systems aren’t always properly implemented. “Unfortunately,” he said, “endpoint security is so terrifically weak that NSA can frequently find ways around it.”
This week, that caveat hit home — in a big way — when researchers revealed Heartbleed, a two-year-old security hole involving the OpenSSL software many websites use to encrypt traffic. The vulnerability doesn’t lie in the encryption itself, but in how the encrypted connection between a website and your computer is handled. On a scale of one to ten, cryptographer Bruce Schneier ranks the flaw an eleven.
Join us on our
Share this page with your friends
on your favorite social network: