2Heartbeat Function Is the Root Cause of the Flaw
3Codenomicon Coined the Name ‘Heartbleed’
4CloudFlare Had Early Access
5Heartbleed Disclosure Was Disjointed
The branding and disclosure of Heartbleed was the cause of some angst. “From my perspective, it really feels like this Finnish security firm [Codenomicon] played Heartbleed as a marketing and PR play in the name of security,” John Edgar, chief technology evangelist at DigitalOcean, told eWEEK. “That’s a shame and will likely encourage other people to do the same.”
6Canada Revenue Agency Hacked by Heartbleed
7Canadian Student Charged With Heartbleed Attack
8VPNs Also at Risk
9150 Million App Downloads at Risk From Heartbleed
10Core Infrastructure Initiative Raises Millions to Prevent Next Heartbleed
On April 24, the Linux Foundation announced the Core Infrastructure Initiative, backed by VMware, Rackspace, NetApp, Microsoft, Intel, IBM, Google, Fujitsu, Facebook, Dell, Amazon and Cisco. The goal of the effort is to help fund developers working on OpenSSL and other critical Internet infrastructure projects.
11OpenSSL Forked Into LibreSSL
12Most Users Didn’t Update Passwords After Heartbleed
Although there was widespread media coverage of the Heartbleed vulnerability, a study from the Pew Research Center found that less than half of Internet users have actually taken steps to protect themselves.