How Heartbleed Broke the Internet — And Why It Can Happen Again
Stephen Henson is responsible for the tiny piece of software code that rocked the internet earlier this week.
The key moment arrived at about 11 o'clock on New Year's Eve, 2011. With 2012 just minutes away, Henson received the code from Robin Seggelmann, a respected academic who's an expert in internet protocols. Henson reviewed the code – an update for a critical internet security protocol called OpenSSL – and by the time his fellow Britons were ringing in the New Year, he had added it to a software repository used by sites across the web.
Two years would pass until the rest of the world discovered this, but this tiny piece of code contained a bug that would cause massive headaches for internet companies worldwide, give conspiracy theorists a field day, and, well, undermine our trust in the internet. The bug is called Heartbleed, and it's bad. People have used it to steal passwords and usernames from Yahoo. It could let a criminal slip into your online bank account. And in theory, it could even help the NSA or China with their surveillance efforts.
Read Full Article
