10 April 2014

My heart bleeds for you (security-wise, anyway)

What is Heartbleed, and why should I care?

If you've paid any attention to tech news over the last few days, you may have heard of a serious vulnerability called Heartbleed. In a nutshell, this is a vulnerability found in OpenSSL. What's OpenSSL? It's the program used by many web servers to provide HTTPS access via Transport Layer Security (TLS, which we used to call SSL). In other words, when you open a browser and buy something on Amazon, or log into Google Apps, you're connecting to a web server that uses TLS.