The simplest explanation of the Heartbleed security bug, in cartoon form

If you need to explain to non-techie folks why Heartbleed is so worrisome, this is the comic for you

By  

Leave it to Randall Munroe of xkcd fame to put this massive security bug in plain (drawn) terms. The technical details behind the encryption vulnerablility might be confusing even for those of us who know what SSL means, but as this comic points out, basically it means we're screwed.

Or, more precisely, the bug allowed at least for the last two years any user to query a web server (for sites like Yahoo and Google) and see the requests from other users. Stuff like passwords, credit card information, and other sensitive details.

You should change your passwords--but wait until the sites have fixed the vulnerabilities fully (and that should include reissuing security certificates. The best source I can find for that right now is LastPass's Heartbleed security checker).

Here's the xkcd explanation:

How the Heartbleed Bug Works

Read more of Melanie Pinola’s Tech IT Out blog and follow the latest IT news at ITworld. Follow Melanie on Twitter at @melaniepinola. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.

 

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Spotlight on ...
Online Training

    Upgrade your skills and earn higher pay

    Readers to share their best tips for maximizing training dollars and getting the most out self-directed learning. Here’s what they said.

     

    Learn more

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness