Google Knew About Heartbleed and Didn’t Tell the Government

am

Christopher Soghoian, the principal technologist for the American Civil Liberties Union, said the U.S. government only has itself to blame if tech companies don’t trust it to handle sensitive security information. He said that because government agencies often share information with each other, there’s no way for a company to be sure the NSA won’t get information shared with another agency and use it to hack into private communications.

Da müsste ein Unternehmen schon schön blöd sein, den US-Behörden über eine Sicherheitslücke Bescheid zu sagen, bevor das Problem nicht selbst gefixt wurde.