If the ODNI statement is true, Heartbleed would have been reported. The big question Is whether that's true of all exploitable SSL flaws.
-
-
Replying to @mattblaze
@mattblaze they disclose 0days? sure sure. NSA doesn't appear as creditee in@OSVDB.1 reply 1 retweet 1 like -
Replying to @attritionorg
@attritionorg@mattblaze@OSVDB They launder some advisories through DHS and vendors.1 reply 0 retweets 0 likes
Replying to @josephmenn
@josephmenn @mattblaze @OSVDB if they state they coordinate disclosure, they should do it so NSA gets credit. build a shred of trust.
7:36 PM - 11 Apr 2014
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.