A few days ago, the cyberworld was embarrassed to discover a major memory-handling bug in the implementation of the Transport Layer Security protocol's Heartbeat extension in the popular OpenSSL cryptographic software library. The Heartbeat extension allows a client to tell a server that it's still connected, even if it's not doing anything at the moment, thereby preventing the server from shutting down the link between them.
The Internet and other news channels are being flooded with stories about how a vast number of users' passwords, credit card numbers, and things like online banking communications are vulnerable to attack. There are also a lot of discussions and explanations of how the Heartbleed bug works; most of them make my eyes glaze over in confusion.
But then someone pointed me toward a cartoon explanation of the bug on XKCD.com. I have to say that this is the clearest explanation one could get. Take a look, and see what you think.

(Source: XKCD.com)
I also have to say I am in awe of the comic's creator, Randall Munroe. His subjects range from statements on life and love to mathematical and scientific in-jokes. When it comes to the science and technology side of things, he has a unique gift for presenting complex information in an incredibly understandable way.
One of my personal all-time favorites was the XKCD Radiation Dose Chart. I often use it to locate obscure radiation-related information, such as the dose one might expect from eating a banana. How about you? Do you have a personal XKCD favorite?
— Max Maxfield, Editor of All Things Fun & Interesting
This article was originally published on EBN's sister publication EE Times.
Pretty nice and quick explanation of the bug 🙂
The Heartbleed bug can of course be exploited. God knows if somebody hasn't already figured out how to use the bug for his own benefit. First the ransomware, and now the Heartbleed bug; account holders will be sweating really hard if these two things are used in collaboration.
@ananadvy: Another hacked event, I guess. Anyway, this is not something new. Even the most sensitive accounts have been hacked too.