Live updates

NSA deny knowing about the Heartbleed bug

The National Security Agency (NAS) have denied that they were aware of the Heratbleed bug before the security flaw was made public.

Reports that NSA or any other part of the government were aware of the so-called Heartbleed vulnerability before April 2014 are wrong. The Federal government was not aware of the recently identified vulnerability in OpenSSL until it was made public in a private sector cybersecurity report.

The Federal government relies on OpenSSL to protect the privacy of users of government websites and other online services.

If the Federal government, including the intelligence community, had discovered this vulnerability prior to last week, it would have been disclosed to the community responsible for OpenSSL.

– Spokesperson Caitlin Hayden, US National Security Council

The denial follows claims the NSA had known about the flaw for up to two years.

NSA 'knew about Heartbleed and used it to mine data'

A padlock logo indicates that a company is using the OpenSSL security programme with the flaw.
A padlock logo indicates that a company is using the OpenSSL security programme with the flaw. Credit: Tim Goode/EMPICS Entertainment

The US National Secutiry Agency (NSA) has knew about the Heartbleed bug for at least two years before it was revealed, according to Bloomberg.

One person 'familiar with the matter' told the news agency that the NSA preferred to keep the bug secret in order to harvest the private data the flaw exposed.

Read more: 'Change every password' warning over Heartbleed bug

Advertisement

UK spy agency 'intercepted Yahoo webcam images'

UK intelligence agency GCHQ "intercepted and stored" the webcam images of internet users who were not suspected of any wrongdoing, the Guardian claimed, citing secret documents.

A generic view of the Yahoo! Homepage.
The newspaper claims GCHQ intercepted and stored images from Yahoo webcam chats Credit: Lewis Stickley/PA Archive

Files dated between 2008 and 2010 allegedly show a monitoring programme, known as "Optic Nerve", stored still images from Yahoo webcam chats and saved them to agency databases with the help of its US counterpart the National Security Agency.

GCHQ has consistently said its activities are necessary and "carried out in accordance with a strict legal and policy framework”.

Angry Birds website hacked following NSA claims

The official Angry Birds website was defaced by hackers following a leaked National Security Agency document that claimed US and British spy agencies gain access to personal data from the mobile app.

The hackers superimposed the NSA logo onto one of the angry bird characters
The hackers superimposed the NSA logo onto one of the angry bird characters Credit: Twitter/@ProPublica

Users trying to access the website late on Tuesday evening were met with an image of one of the Angry Bird characters with an NSA logo and the text "Spying Birds".

Rovia, the video game developer which created the game, denied collaborating with government agencies and sharing data.

"Rovio Entertainment Ltd, which is headquartered in Finland, does not share data, collaborate or collude with any government spy agencies such as NSA or GCHQ anywhere in the world," the firm said in a statement.

“Our fans’ trust is the most important thing for us and we take privacy extremely seriously," said Mikael Hed, CEO of Rovio Entertainment.

"As the alleged surveillance might be happening through third party advertising networks, the most important conversation to be had is how to ensure user privacy is protected," he said.

The Syrian Electronic Army (SEA), known for hacking the New York Times last year, claims an associated group was responsible for the hack.

"A friend hacked and defaced @Angrybirds website after reports confirms its spying on people. The attack was by 'Anti-NSA' Hacker," the SEA tweeted, adding "He sent an email to our official email with the link of the hacked website."

Read more: US and UK agencies 'exploit leaky apps for intelligence'

GCHQ: 'We do not comment on intelligence matters'

Responding to reports that UK and US intelligence agencies have been developing capabilities to take advantage of smartphone applications to gather users' private information, a spokesman for British intelligence agency GCHQ told the Guardian:

It is a longstanding policy that we do not comment on intelligence matters.

Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position.

– GCHQ spokesman

Read: British spies 'able to snoop on YouTube and Facebook'

Advertisement

US 'only interested in collecting data on possible threats'

White House spokesman Jay Carney said US surveillance agencies were only interested in collecting data on people considered a threat to the United States.

Mr Carney told a regular White House news conference:

To the extent data is collected by the NSA [National Security Agency] through whatever means, we are not interested in the communications of people who are not valid foreign intelligence targets, and we are not after the information of ordinary Americans.

Read: British spies 'able to snoop on YouTube and Facebook'

GCHQ 'would not confirm or deny programme exists'

British intelligence agency GCHQ "would not confirm of deny the existence of the Squeaky Dolphin" monitoring programme, according to NBC News.

A spokesperson for the agency said GCHQ's work was "carried out in accordance with a strict legal and policy framework”.

File photograph of British intelligence agency GCHQ.
File photograph of British intelligence agency GCHQ. Credit: Press Association

This "ensure[s] that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee", the spokesperson added.

Read: British spies 'able to snoop on YouTube and Facebook

Web monitoring programme 'could spy on individuals'

The "Squeaky Dolphin" monitoring programme said to have been utilised by British intelligence agencies was not intended to spy on individuals, but it could be done, cyber-security experts told NBC News.

Someone types on a computer keyboard.
The documents were released by National Security Agency whistleblower Edward Snowden. Credit: Dave Thompson/PA Wire

The experts claimed the documents released by Edward Snowden show GCHQ had to have been either physically able to tap the cables carrying the world’s internet traffic or able to use a third party to gain physical access to the massive stream of data.

Once the information has been gathered, intelligence agencies have the ability to extract some user information as well, they added.

Read: British spies 'able to snoop on YouTube and Facebook'

US and UK agencies 'exploit leaky apps for intelligence'

US and British intelligence agencies have plotted ways to gather data from Angry Birds and other smartphone apps that "leak" users' personal information onto global networks, the Guardian reported, citing documents obtained from whistleblower Edward Snowden.

The report claims Angry Birds was one of the apps targeted by the NSA and GCHQ. Credit: REUTERS/Lucas Jackson

The US National Security Agency (NSA) and its British counterpart, the Government Communications Headquarters (GCHQ), had tried to exploit "leaky" smartphone apps that could disclose users' locations, age, gender and other personal information, according to the newspaper.

Read: British spies 'able to snoop on YouTube and Facebook'

Load more updates

Advertisement

Today's top stories