cross-referenced news and research resources about

 heartbleed security bug

Heartbleed is a security bug in the open-source OpenSSL cryptography library, which is widely used to implement the Internet's Transport Layer Security (TLS) protocol. Servers as well as clients, using vulnerable OpenSSL versions for TLS, can be exploited.

Heartbleed results from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension, the heartbeat being the basis for the bug's name. The vulnerability is classified as a buffer over-read, a situation where software allows more data to be read than should be allowed.

images:  google   yahoo YouTube