I've just been discussing with my son exactly what is (seriously) compromised by the Heartbleed bug.
I can understand the basics, it means that something encrypted using SSL (i.e. HTTPS protocol connections) can be decrypted by someone who shouldn't be able to do so.
Having said that what can a 'bad hacker' actually do? There's a sea of packets flowing around the internet, picking out a series of packets relating to one 'connection' (i.e. with related information in them) is non-trivial as far as I can see, unless the hacker is sitting looking at the data flowing through a switch feeding one particular site.
So, it's possible to hack/decrypt a single packet which I suppose *might* contain someone's login details if the username and password was in a single packet. Is this the extent ot the problem?
If there's more to it than this can someone explain. For example MumsNet says it's been hacked as a consequence of this bug, I don't quite understand how someone could get at *all* the login details on MumsNet unless they fortuitously got an administrator's login details and the system is stupid enough to allow an administrator to get at all usernames and unenecrypted passwords.
Surely quite simple (and well known) security practices would make this sort of thing much more difficult:-
Don't send complete Username/Password details in a single packet, easy enough to do by asking for them separately or even crude padding.
Don't store user's details in single, big, unencrypted files.
Don't store unencrypted passwords anywhere, use the Unix login style of things so that what's stored is the result of encrypting the password and is difficult (as in requires loads of processor ooomph) to decrypt by brute force methods.