Skip to main content

Posts

Showing posts from April, 2014

What is Heartbleed? A Simple Explanation.

The Heartbleed bug is the trending topic online this week and I hope to consolidate some resources and explain what the issue is. The end of this post contains many links that will also help explain the situation.

What is it? 


It is a security vulnerability that has existed in the OpenSSL software library for two years. Heartbleed allows an attacker to read data that would otherwise be considered protected. This includes things like passwords, emails, and private keys. Unfortunately this act of reading data is undetectable, so we must assume that all passwords have been stolen and an attacker has copied all the private keys.
For those unfamiliar with public-key cryptography, a private key is what identifies someone online, allowing them to read encrypted messages sent to them. This can also allows someone to pretend they are Facebook and perform other such attacks. 
OpenSSL is used by the most popular web server on the internet, Apache (approximately 66% of web sites use it). There is…

Films and Ads

Ads I've noticed a lot of activity on my blog recently and I've decided to include a small Google Ads widget on the side of the page to help maintain the cost of running my main website.

If you find the ads too intrusive please let me know in the comments.

Films I have just taken a course from the Department of Film Studies at my university and to help review for the exam I may be posting some movie reviews/analysis.

This strays from the general theme of technology on the blog so far, but is one of my interests so I hope that you, Reader, find it interesting too.