You must Publish this diary to make this visible to the public,
or click 'Edit Diary' to make further changes first.
Posting a Diary Entry
Daily Kos welcomes blog articles from readers, known as diaries. The Intro section to a diary should be about three paragraphs long, and is required. The body section is optional, as
is the poll, which can have 1 to 15 choices. Descriptive tags are also required to help others find your diary by subject; please don't use "cute" tags.
When you're ready, scroll down below the tags and click Save & Preview. You can edit your diary after it's published by clicking Edit Diary. Polls cannot be edited once they are published.
If this is your first time creating a Diary since the Ajax upgrade, before you enter any text below, please press Ctrl-F5 and then hold down the Shift Key and press your browser's Reload button to refresh its cache with the new script files.
ATTENTION: READ THE RULES.
One diary daily maximum.
Substantive diaries only. If you don't have at least three solid, original paragraphs, you should probably post a comment in an Open Thread.
No repetitive diaries. Take a moment to ensure your topic hasn't been blogged (you can search for Stories and Diaries
that already cover this topic), though fresh original analysis is always welcome.
Use the "Body" textbox if your diary entry is longer than three paragraphs.
Any images in your posts must be hosted by an approved image hosting service (one of: imageshack.us, photobucket.com, flickr.com, smugmug.com, allyoucanupload.com, picturetrail.com, mac.com, webshots.com, editgrid.com).
Copying and pasting entire copyrighted works is prohibited. If you do quote something, keep it brief, always provide a link to the original source, and use the <blockquote> tags to clearly identify the quoted material. Violating this rule is grounds for immediate banning.
Be civil. Do not "call out" other users by name in diary titles. Do not use profanity in diary titles. Don't write diaries whose main purpose is to deliberately inflame.
There's been a lot of ( completely justified) freaking out over the Heartbleed Bug, which was recently unearthed in a popular bit of web server software called OpenSSl. This is a really serious problem- it created a huge security hole that could be exploited by hackers, and most disturbing, it would allow said hackers to steal information without leaving any traces in the server logs. In other words, there's absolutely no way to know if your system has been compromised, so the assumption must be that it has.
Yes, this is a great big computer security mess. Absolutely.
What this isn't is surveillance. This is a screw-up.
Dr Seggelmann, of Münster in Germany, said the bug which introduced the flaw was "unfortunately" missed by him and a reviewer when it was introduced into the open source OpenSSL encryption protocol over two years ago.
"I was working on improving OpenSSL and submitted numerous bug fixes and added new features," he said.
"In one of the new features, unfortunately, I missed validating a variable containing a length."
After he submitted the code, a reviewer "apparently also didn’t notice the missing validation", Dr Seggelmann said, "so the error made its way from the development branch into the released version." Logs show that reviewer was Dr Stephen Henson.
Dr Seggelmann said the error he introduced was "quite trivial", but acknowledged that its impact was "severe".