Heartbleed Highlights a Contradiction in the Web

The Heartbleed bug that made news last week drew attention to one of the least understood elements of the Internet: Much of the invisible backbone of websites from Google to Amazon to the Federal Bureau of Investigation was built by volunteer programmers in what is known as the open-source community.Heartbleed originated in this community, in which these volunteers, connected over the Internet, work together to build free software, to maintain and improve it and to look for bugs. Ideally, they check one another’s work in a peer review system similar to that found in science, or at least on the nonprofit Wikipedia, where motivated volunteers regularly add new information and fix others’ mistakes.
http://www.nytimes.com/2014/04/19/technology/heartbleed-highlights-a-contradiction-in-the-web.htmlAlso see:Heartbleed Internet Security Flaw Used in Attack
Within 24 hours of the Heartbleed bug’s disclosure last week, an attacker used it to break into a major corporation, security experts said Friday.Using Heartbleed, the name for a flaw in security that is used in a wide range of web servers and Internet-connected devices, the attacker was able to break into an employee’s encrypted virtual private network, or so-called VPN, session.
http://bits.blogs.nytimes.com/2014/04/18/heartbleed-internet-security-flaw-used-in-attack/

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.