"It just doesn't end. Bloomberg is reporting that, according to “two people familiar with the matter,” the NSA has known about the Heartbleed vulnerability for at least two years—and was using it to collect information about people instead of, you know, telling someone about it and getting it fixed.
With millions of websites compromised, people all over the world changing their passwords for protection, the Canadian government suspending electronic tax filing, and people speculating about whether Heartbleed is the “worst vulnerability ever,” this could end up looking pretty bad for the agency. Good thing it already has a sparkly-clean public image, or it might be in trouble.
According to Bloomberg, it doesn’t seem that the NSA created Heartbleed—it just found the bug and used it. " http://www.slate.com/blogs/future_tense/2014/04/11/nsa_knew_about_exploited_heartbleed_for_years_bloomberg_report.html?wpisrc=newsletter_jcr:content&mc_cid=67b8a19711&mc_eid=b27361148d
'via Blog this'