OpenSSL Heartbleed Links April 12, 2014
Trying to protect yourself from Heartbleed could land you in jail - Chris Smith - BGR
There are laws in place that say testing a website's security without permissions is illegal. This would include running checks using Heartbleed websites or the Heartbleed Chrome app i linked to in Friday's post. They would have to enforce the law first, but technically you're still breaking the law when you do it. Which just further highlights how far behind the law is when it comes to the internet.
NSA Denies Knowing About Heartbleed Bug - Denver Nicks - Times
It was only a matter of time before the NSA was going to be thrown under the Heartbleed Bug Bus. The NSA has two directives to gather intelligence from it's enemies AND defend the country. Knowing about the bug in OpenSSL and not reporting it would be a massive epic fail for the NSA.
How The Heartbleed Bug Works - xkcd
A very well done, yet simple, visualization of how the Heartbleed bug works.
This post first appeared on Exploring Information Security.