Skip to main content

The Globe and Mail

Graphic: A visual guide to the Heartbleed bug

The Heartbleed Bug is a serious vulnerability in the OpenSSL cryptographic software that protects a majority of the world's encrypted or "secure" sites. Encryption works by using "keys" (a number, or sequence of characters) to encode a sent message. The receiving computer uses the key to decrypt the message. If intercepted by a third party, the message should be  unreadable.

Read the Globe's earlier coverage on the Heartbleed bug:

Occasionally, a computer will check that there is still a secure connection by sending a small packed of data, known as a “heartbeat,” which asks for a response.

The Heartbleed Bug is a coding flaw that could allow an intruder, during a heartbeat exchange, to grab up to 64 kilobytes of data leaking from the processing memory of the website server.

... giving hackers access to passwords, user names, credit card information, instant messages, emails, and critical business information.

Hackers can read data in transit without establishing a secure connection, which makes the leak of information effectively invisible.

Story continues below advertisement

Report an error Editorial code of conduct Licensing Options
As of December 20, 2017, we have temporarily removed commenting from our articles. We hope to have this resolved by the end of January 2018. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.