The heartbleed bug has been in the news lately. Rightfully so; it’s a pretty big deal, at least in theory. How much damage is practically possible and how much damage may have occurred is unknown so far. But the potential security hole is enormous!

Two things really stand out about this bug: Firstly, attackers get (potentially) vast amounts of internal computer data while leaving no record. Secondly, the bug is a simple error caused by, metaphorically speaking, not looking both ways when crossing a one-way street.

Continue reading →