There is no way the NSA does not have a team of coders that know the OpenSSL code by heart. They've definitely known about it.

"... attempt to exploit would stick out like a sore thumb"

How? None of those TLS heartbeat requests are logged anywhere, you would never know. You can definitely target someone - you only need know what websites they tend to visit. Granted, it's more useful to an identity thief / fraud type than the NSA, but in no way is it a "weak" exploit - it's rather devastating.

2.6 million requests wouldn't take long. Six months is not long for someone collecting data. It's not as if they're sitting there looking at it the whole time, if ever.

You mean the guy who later went (back) to work for the NSA? That guy?

But Big Brother can be defeated: <a href="http://westernrifleshooters..." target="_blank">" rel="nofollow noopener" title="http://westernrifleshooters.files.wordpress.com/2...">http://westernrifleshooters...

Huh?

We could fund Obamacare...

<a href="http:\/\/wmpoweruser.com\/watch-what-you-store-on-skydriveyou-may-lose-your-microsoft-life\/" target="_blank">Or not. </a>

It's all there in Step 2, the one right before "Profit!"

and the TeeVee remote

This was all because of Our Glorious War on Terror Which Will Never End.

Luckily, their motto is not: "To Protect & To Serve!"

The least NSA could do would be to leak a few webcam pics of Sarah Palin - without her wig.

OK, so the agency that's been caught spying on and attempting to blackmail Congress ("attempting" as far as we know) is also <i>maybe</i> just flat-out not doing their actual job? They'd all get fired if everybody in charge wasn't afraid of them.

J. Edgar Hoover would be <i>so</i> proud!

No, you're thinking of "Girls."