On Wed, 16 Apr 2014 14:49:21 +0100 Chris Green cl@isbd.net allegedly wrote:
I've just been discussing with my son exactly what is (seriously) compromised by the Heartbleed bug.
I can understand the basics, it means that something encrypted using SSL (i.e. HTTPS protocol connections) can be decrypted by someone who shouldn't be able to do so.
Sorry, but no, you have this wrong.
The heartbleed vulnerability is much nastier that you believe. It alllows reading of arbitrary 64K chunks of memory on any system running an application which is linked against a vulnerable version of openssl. The original "hearbeat" code was meant to allow a client/server interaction of the form "are you still awake?". The bug allowed an attacker to send the heartbeat requests but ask for (and get) up to 64 K of contents of RAM. Continued polling would get continued chunks of memory. So if that chunk of RAM contained sensitive data (as it could) then bang you are dead.
See https://xkcd.com/1354/ for a nice graphical explanation.
Mick ---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------