security
Please Stop Comparing Every Security Flaw to Heartbleed

After security firm CrowdStrike discovered a virtual machine security flaw that could (in theory) put millions of data centres at risk for malware attack this week, the comparisons came on hot, sticky, and thick. It was Heartbleed, all over again.....but this time, even WORSE. Read More >>

windows
Your Version of Windows Has a Huge Vulnerabilty, Get the Patch Now

As scary as Heartbleed was this past Spring, it looks like virtually every Microsoft Windows user is in for a little deja vu. Microsoft just released a critical patch for a huge server vulnerability—one that affects every current version of Windows out there. Read More >>

security
More Than 300K Servers of 600K are Still Vulnerable to Heartbleed

Over 300,000 servers out of the 600,000 that were vulnerable to Heartbleed are still unpatched two months after the nasty vulnerability in OpenSSL was discovered by a Google engineer. Read More >>

security
Internet Vulnerability Left Encrypted Data Exposed for 10 Years

It's been just a few months since the Heartbleed OpenSSL security flaw was discovered, and we're again learning about gaping hole in the widely used security protocol. The good news is that there's a fix. The bad news is that the vulnerability has existed for a decade, and we'll never know how much it was exploited. Read More >>

security
One Month on, 300,000 Servers Remain Affected by Heartbleed

It's over a month since the world was alerted to the Heartbleed bug, but that doesn't mean we should have forgotten about it. Quite the opposite in fact, because 300,000 servers apparently remain affected by the security hole. Read More >>

security
Developers: Heartbleed-Affected OpenSSL Code is Beyond Repair

OpenSLL is screwed, and as a result we've got Heartbleed. But now a team of developers working to overhaul the code have deemed it beyond repair—and are instead creating an alternative, forked version. Read More >>

watch this
Running the Heartbleed Code to See Exactly How it Works

By now, you've read all about Heartbleed—but what, exactly, does it look like in action? Thankfully some nerdy brave computer scientists have run it, so you don't have to. Read More >>

crime
Canadian Teen is the First Arrested for Stealing Data With Heartbleed

In what's sure to be the first of many to come, a 19-year-old Canadian man was arrested for exploiting the Heartbleed bug to lift taxpayer data from a government website, making this the first official Heartbleed-related arrest. Read More >>

android
How to Check if Your Android Device Could be Hacked via Heartbleed

Heartbleed is causing heartache on hundreds of servers all over the internet, but security researchers have also warned that the bug could allow direct hacks of Android, too. Here's how to check if your device is at risk. Read More >>

security
Oedipal Heartbleed Hackers Attack Mumsnet

Mumsnet, the parenting blog with 1.5 million registered users, has been hit by hackers exploiting the Heartbleed bug, with the site becoming the first confirmed victim of the security flaw. Read More >>

privacy
NYT: Obama Lets the NSA Exploit Some Internet Flaws

Over the weekend, it was revealed that President Obama thinks that when the National Security Agency discovers major flaws in internet security, they should be allowed to exploit it if there's a "a clear national security or law enforcement need." Read More >>

design
How a Great Logo Helped Make You Actually Care About Heartbleed

You might not understand the how Heartbleed works, but you definitely heard about it this week. And with it, that drippy, maroon, bleeding heart logo—which is part of what made the story so memorable. In fact, the way Heartbleed was presented by the team that discovered it is a model for how technology issues should be communicated to the public. Read More >>

privacy
Report: NSA Used Heartbleed to Spy on People for Years

It's true. After days of speculation over whether the NSA knew about the Heartbleed vulnerability that affected as many as two thirds of the websites on the internet, two anonymous sources tell Bloomberg that the NSA didn't just know about it, they used it to gather intelligence. Read More >>

security
How Secure are Your Favourite Websites?

Heartbleed is a scary thing. Aside from the violent-sounding name, the vulnerability in OpenSSL security protocols spans the entire internet and affects most of the sites we know, love, and use on a daily basis. Even outside of Heartbleed, not all security protocols are created equal. So how do you know who to trust? Read More >>

security
Heartbleed Affects Routers, Too

Some more heartache from Heartbleed: it affects routers, too. Cisco Systems and Juniper Networks have announced that the security hole that is Heartbleed has been found in their networking equipment. Read More >>