Daily Archives:April 11th, 2014

How heartbleed works

Everybody has probably now heard of the heartbleed bug which affects hundreds of thousands of computers across the net. There are some lists out there of the popular services which are affected – see this page, for example – and it’s worth noting that you should change any passwords on Facebook, Google, IFTTT, Tumblr and Yahoo at the very least.

But have you wondered how it works? What does a ‘memory-leak vulnerability’ actually mean? Well, of course, nobody explains it better and more briefly than XKCD:

heartbleed_explanation

© Copyright Quentin Stafford-Fraser