The Heartbleed Bug, explained

10 Cards

EDITED BY Timothy B. Lee

2014-06-19 09:57:57 -0400

1. What was the Heartbleed Bug?
2. Which websites were affected?
3. What is SSL?
4. What's OpenSSL?
5. How does the Heartbleed attack work?
6. Who discovered the vulnerability?
7. How did the Heartbleed bug get added to OpenSSL?
8. What information can you get with a Heartbleed attack?
9. Have there been any successful attacks using the Heartbleed bug?
10. What is being done to prevent future problems like Heartbleed?

1. Card 1 of 10

   What was the Heartbleed Bug?

2. Card 2 of 10

   Which websites were affected?

3. Card 3 of 10

   What is SSL?

4. Card 4 of 10

   What's OpenSSL?

5. Card 5 of 10

   How does the Heartbleed attack work?

6. Card 6 of 10

   Who discovered the vulnerability?

   It was discovered independently by researchers at Codenomicon and Google Security. Codenomicon created a user-friendly website about the vulnerability, helping to rapidly spread awareness.

   To minimize the damage from the disclosure, the researchers worked with the OpenSSL team and other key insiders to prepare fixes before the problem was announced publicly.

7. Card 7 of 10

   How did the Heartbleed bug get added to OpenSSL?

8. Card 8 of 10

   What information can you get with a Heartbleed attack?

9. Card 9 of 10

   Have there been any successful attacks using the Heartbleed bug?

10. Card 10 of 10

    What is being done to prevent future problems like Heartbleed?