Settling the debate among the nation’s intelligence agencies, President Obama has said that the National Security Agency (NSA) should ideally reveal all major flaws it discovers in Internet security, instead of withholding it for the fear of the flaw being used in espionage or cyberattacks. The news was reported by The New York Times and it claims that it was revealed by some senior administration officials.
However, one broad exception for “a clear national security or law enforcement need” that Mr President let in, could lead to NSA exploit security flaws that could not only be used to crack encryption but to also design cyberweapons.
It was never made public what Mr President decided inside the walls of the White House, over the three-month review of recommendations made by a designated presidential advisory committee on the recent disclosures about the operation of NSA.
However, one could gain insights into the decision on Friday when the White House refused that it has any prior knowledge of the Heartbleed bug. It is a newly known hole in Internet security that made Americans change their online passwords last week. The White House said that when flaws of such nature are discovered, it is imperative that the knowledge is shared with computer and software manufacturers so a solution to the same can be developed and distributed.
Caitlin Hayden, the spokeswoman for the National Security Council, said, “A reinvigorated process is now in place to determine the value of disclosure whenever a security flaw is discovered. This process is biased toward responsibly disclosing such vulnerabilities.”