Heartbleed - A simple explanation

HeartbleedThis morning I had an email from the folks at 1Password explaining about the Heartbleed vulnerability.

Heartbleed is a problem in OpenSSL, a software library that is used by most websites to secure your communication using SSL. It provides the S in HTTPS, or if you prefer, it’s what’s responsible for the padlock icon in your browser’s URL bar while browsing the web.

Normally when browsing a site using SSL, you can trust that the information you send to the website can only be seen by the website itself. This keeps your private information, such as credit cards, usernames, and passwords, secure.

The Heartbleed exploit enables attackers to bypass the protections provided by SSL. This means any information you sent to a website that relied on vulnerable versions of OpenSSL could potentially already be in the hands of the bad guys.

Some of the explanations can be long winded and technical, but they had a link to this xkcd cartoon which gives a very simple explanation.


At the moment you can save 50% on 1Password, which is a great cross platform password management application.

I am always interested in your thoughts so if you have any comments or feedback then please feel free to add any comments, or you can mail me  here.

Related Posts Plugin for WordPress, Blogger...

Windingo - Nix Malware