
bemildred

(90,061 posts)
1. Heartbleed: Coder responsible for 'catastrophic' bug says it can be 'explained pretty easily'
Fri Apr 11, 2014, 11:41 AM

The programmer responsible for creating the Heartbleed bug that affected millions of websites across the web has come forward to say that the flaw was a mistake and can “be explained pretty easily”.

Robin Seggelmann was working on the OpenSSL software that is used as encryption by major websites as part of his PhD when he amended a section of the code known as the “heartbeat”.

The "heartbeat" lets servers exchange brief messages with the user to check they’re still there. The user’s computer sends the server a randomly-chosen message (for example ‘coffee’) and its length (‘six characters long’). The server then returns this message to confirm that communications between the two are still working fine.

Seggelmann’s piece of code unfortunately created a loophole that let malicious users trick the server by claiming that their random message was as long as 64,000 characters. So, in the example above, the server sends back the word ‘coffee’ as well as tens of thousands of characters of potentially damaging information.

http://www.independent.co.uk/life-style/gadgets-and-tech/news/coder-responsible-for-catastrophic-heartbleed-bug-says-it-can-be-explained-pretty-easily-9254053.html
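As an added illustration (not from the article, the post, or OpenSSL's own code), a small C model of the heartbeat handling described above: a constructed in-memory buffer stands in for the server's memory, a trusting reply copies as many bytes as the request claims, and a checked reply drops any claim that does not fit the record actually received, which is the logic of the eventual fix. The record layout and the "SESSION-COOKIE" bytes are constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the server's memory: the heartbeat request sits at
 * the front, followed by unrelated data the peer must never be sent. */
#define MEM_SIZE 128
static unsigned char mem[MEM_SIZE];

/* Simplified record layout (an assumption for this demo): byte 0 = type,
 * bytes 1-2 = claimed payload length (big endian), then the payload. */
static size_t build_request(const char *payload, uint16_t claimed_len) {
    size_t n = strlen(payload);
    memset(mem, 0, sizeof mem);
    mem[0] = 1;                          /* heartbeat request */
    mem[1] = (unsigned char)(claimed_len >> 8);
    mem[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(mem + 3, payload, n);
    /* Constructed leftover data sitting just past the record in memory. */
    strcpy((char *)mem + 3 + n + 1, "SESSION-COOKIE=deadbeef");
    return 3 + n;                        /* bytes actually received */
}

/* Trusting reply: copies as many bytes as the request claims, so a claim
 * larger than the real payload drags neighbouring memory into the answer. */
static size_t reply_trusting_length(unsigned char *out) {
    size_t n = (size_t)((mem[1] << 8) | mem[2]);
    if (n > MEM_SIZE - 3) n = MEM_SIZE - 3;  /* keep the demo inside mem[] */
    memcpy(out, mem + 3, n);
    return n;
}

/* Checked reply: the claimed length must fit inside the record that was
 * actually received; otherwise the request is dropped (returns -1). */
static int reply_checking_length(size_t received, unsigned char *out, size_t out_cap) {
    if (received < 3) return -1;
    size_t claimed = (size_t)((mem[1] << 8) | mem[2]);
    if (claimed + 3 > received || claimed > out_cap) return -1;
    memcpy(out, mem + 3, claimed);
    return (int)claimed;
}

int main(void) {
    unsigned char out[MEM_SIZE];
    size_t received = build_request("coffee", 64000);   /* 6 real bytes, 64000 claimed */
    printf("checked reply: %d\n", reply_checking_length(received, out, sizeof out));
    size_t n = reply_trusting_length(out);
    printf("trusting reply copied %zu bytes starting \"%.6s\"\n", n, out);
    return 0;
}
```

With the honest request ("coffee", length 6) both replies return exactly "coffee"; with the inflated claim only the checked reply refuses, while the trusting one returns the cookie bytes that happened to follow the record.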
