Why Obama's response to the Heartbleed bug is so troubling

The administration has denied exploiting the flaw for spying purposes. But that's not the end of the story.

The government reserves the right to keep internet vulnerabilities secret.
(Image credit: (iStock))

On Friday, the Obama administration unequivocally denied a report that the NSA had exploited the Heartbleed vulnerability to gather intelligence, part of a swift effort to shut down a damaging storyline that featured the government knowingly failing to shield millions of Americans from an online security flaw.

But in so doing, the administration also made two important admissions. First, it can, if pressed, use plain English free of obvious deceit, in contrast to the obfuscation that has characterized the government's response to a stream of revelations about the NSA's vast internet dragnet. And second, the administration uses a previously undisclosed review process that sometimes does — but in this case supposedly did not — approve the exploitation of Heartbleed-like bugs.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE
https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up
Marcy Wheeler

Marcy Wheeler is an independent journalist who covers national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including The Guardian, Salon, and The Progressive, and is the author of Anatomy of Deceit, a primer on the Scooter Libby CIA leak investigation.