Heartbleed in Context: A Brief History of “Hacking”

The recent Heartbleed attacks that exposed vulnerabilities in some of the most well-known Internet moguls resulted in one of the most severe security incidents in the history of online data transfer. The Heartbleed security bug, technically identified as CVE-2014-0160 and called “TLS heartbeat read overrun,” is found within the open-source OpenSSL cryptographic library, which is used to provide Secure Sockets Layer (SSL) encryption capabilities for data in transit on the Web. For those of us a little less tech-savvy, Heartbleed provides “hackers” access to information stored on commonly used servers. Of the more popular websites, Heartbleed revealed vulnerabilities in sites including Yahoo!, Pinterest and Reddit, all of which hold personal user information that may have been lost to data theft. In this post, we place the recent Heartbleed attacks in historical context with a brief overview of “hacking” history.

Read More