Welcome Stranger to OCC!Login | Register

Code that Caused Heartbleed Called an Accident

Category: Bugs / Virus
Posted: April 11, 2014 10:22AM
Author: CheeseMan42

The programmer responsible for checking in the code that led to the Heartbleed bug in OpenSSL has described it as an accident, not a malicious activity. The bug was found in an area of the code that pertained to security and was caused by "missing validation on a variable containing a length." The code went through a peer review process and neither the original programmer or peer reviewer were able to catch the bug. There is a published list of some sites that have been impacted by the bug, but it would probably be a good idea to change all of your passwords anyway.

Source: ZDNet



Register as a member to subscribe comments.

This news has comment postings disabled because it is now archived.

© 2001-2014 Overclockers Club ® Privacy Policy

Also part of our network: TalkAndroid, Android Forum, iPhone Informer, Neoseeker, and Used Audio Classifieds

Elapsed: 0.0241489410