Hey! I'm David, a security consultant at Cryptography Services, the crypto team of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

How Heartbleed works thanks to XKCD

April 2014

I found a pretty nice explanation of Heartbleed for the layman in this XKCD comic. Heartbleed is a recent and alarming vulnerability found in the OpenSSL toolkit that serves most of the applications/websites today. To quote Schneier:

"Catastrophic" is the right word. On the scale of 1 to 10, this is an 11.

Here's the comic:


And if you want to dig a bit more into it, you can read some more explanations on security.stackexchange.

