18 Apr '14, 2pm

Heartbleed Bug Bit Before Patches Were Put in Place

Heartbleed Bug Bit Before Patches Were Put in Place

story raised the interesting issue of how and when to disclose such a major security problem. Apparently, once the programming error was discovered by Google, neither that information nor the fix was shared with the U.S. or other governments, nor with a whole host of vulnerable organizations, before the Google made its public announcement or fixed its own systems. Now Google is being accused of “being selfish, putting its corporate interests before global internet users' security, playing favourites, and waiting too long to report the serious Heartbleed security bug to the open-source project whose software contained the critical error.” Expect this issue of when and how to make a bug disclosure of this magnitude to be hotly debated into the foreseeable future.

Full article: http://spectrum.ieee.org/riskfactor/computing/it/heartble...

Tweets

Heartbleed Bug Patch Underway, But Was It Reall...

spectrum.ieee.org 18 Apr '14, 2am

More clarity about the vulnerability of banking and credit card data and other sensitive information such as website login...

Has Heartbleed Made You Think Twice About Open Source Security? Think Again.

Has Heartbleed Made You Think Twice About Open ...

spreecommerce.com 17 Apr '14, 1pm

Has Heartbleed Made You Think Twice About Open Source Security? Think Again. By now, unless you have been woefully under-i...

Officials Provide Tips for Heartbleed Security ...

defense.gov 19 Apr '14, 10am

Officials Provide Tips for Heartbleed Security Vulnerability By Jim Garamone American Forces Press Service WASHINGTON, Apr...

NSA said to have used Heartbleed bug, exposing ...

stripes.com 11 Apr '14, 8pm

The sign outside the National Security Agency campus at Fort Meade, Md., is seen in this June 6, 2013, file photo. Patrick...

Heartbleed Bug Patch Underway, But Was It Reall...

spectrum.ieee.org 11 Apr '14, 8pm

More clarity about the vulnerability of banking and credit card data and other sensitive information such as website login...

Just blogged: Bug takes out HostGator, BlueHost...

domainincite.com 17 Apr '14, 12pm

Our NetOps team addressed the source of the problems affecting some customers: a bug in the firmware utilized in our vendo...

#Heartbleed Aftermath: How to Effectively Diagnose Your Affected Services

#Heartbleed Aftermath: How to Effectively Diagn...

intridea.com 14 Apr '14, 2pm

Since OpenSSL's Heartbleed bug hit the news last Monday , the media has covered the obvious bases: from what it is and wha...

Do bike lanes slow car traffic? Not if you put them in the right place, according to FiveThirtyEight

Do bike lanes slow car traffic? Not if you put ...

treehugger.com 11 Apr '14, 2pm

Nate Silver's FiveThirtyEight is the go-to site if you are a stats geek. Planner Gretchen Johnson and MIT PhD candidate Aa...

Heartbleed bug: Dynadot alerts its users to cha...

domaingang.com 11 Apr '14, 7pm

We wanted to contact you regarding the recent Heartbleed OpenSSL security bug. We have already patched our website and upd...

101Domain: Reset your passwords due to the ‘Hea...

domaingang.com 13 Apr '14, 3am

“101domain is very confident that, due to the nature of the vulnerability, none of our client accounts have been compromis...