How heartbleed works

Everybody has probably now heard of the heartbleed bug which affects hundreds of thousands of computers across the net. There are some lists out there of the popular services which are affected – see this page, for example – and it’s worth noting that you should change any passwords on Facebook, Google, IFTTT, Tumblr and Yahoo at the very least.

But have you wondered how it works? What does a ‘memory-leak vulnerability’ actually mean? Well, of course, nobody explains it better and more briefly than XKCD:

heartbleed_explanation

Enjoyed this post? Why not sign up to receive Status-Q in your inbox?

Got Something To Say:

Your email address will not be published. Required fields are marked *

To create code blocks or other preformatted text, indent by four spaces:

    This will be displayed in a monospaced font. The first four 
    spaces will be stripped off, but all other whitespace
    will be preserved.
    
    Markdown is turned off in code blocks:
     [This is not a link](http://example.com)

To create not a block, but an inline code span, use backticks:

Here is some inline `code`.

For more help see http://daringfireball.net/projects/markdown/syntax

*

© Copyright Quentin Stafford-Fraser