Video: A beginner's guide to Heartbleed

If friends and family are bugging you for an explanation of Heartbleed and OpenSSL, refer them to this video

Heartbleed, which has been at the center of some serious security hysteria this week, is actually a simple twist of the clasic buffer overflow exploit. What's a buffer overflow and how did Heartbleed tweak it, you ask -- or, perhaps more accurately, your nontechie friends and family members ask? The video below offers a basic explanation.

Heartbleed's attack targets OpenSSL; this is a big deal because OpenSSL handles a very large (half to two-thirds, according to the video) amount of the world's secure Web traffic, including email and traffic to and from online banks. By turning the concept of the buffer overflow on its head and, in fact, using buffer underflow, Heartbleed has been able to trick these nominally secure servers into coughing up all kinds of info -- exactly the goods you wouldn't want your bank or your email app to give up. Hence the hysteria.

This story, "Video: A beginner's guide to Heartbleed," was originally published at InfoWorld.com. Keep up with the latest tech videos with the InfoTube blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies