With news breaking on Monday, April 7th that the Heartbleed bug causes a vulnerability in the OpenSSL cryptographic library, which is used by roughly two-thirds of all websites on the Internet, many people started wondering what Heartbleed actually was. In a nutshell, the feature behind Heartbleed was introduced so that a computer could know that the server was listening to it, and this feature still exists. The vulnerability was that the computer could not only ask the server to say “hello” and receive “hello”, but could also request to receive additional information after “hello”, which could provide access to unencrypted passwords and other information. To fully understand what is going on, keep reading (comics to come!).
I believe it truly takes a genius to explain something complicated in a simplistic manner. I think Randall Munroe (writer of XKCD) is a genius for many reasons, but his latest comic shows he truly understands Heartbleed. Take a look at the latest XKCD on the Heartbleed bug: http://xkcd.com/1354/