The Heartbleed revelation is widely felt in the technology industry, and now BlackBerry is the latest vendor to announce security updates to patch the OpenSSL flaw.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
In admitting it didn't know about a massive security flaw in one of the Web's most used encryption libraries, the NSA inadvertently revealed a massive institutional failure.
CloudFlare's analysis Friday that Heartbleed may not be able to recover private keys turns out to be wrong. Two candidates recovered the keys from their challenge server.
[UPDATED] Research by CloudFlare indicates that Heartbleed can be used to obtain contents of server memory, but not private keys.
There have been some pretty bad vulnerabilities before Heartbleed. Is it really any more severe than CodeRed or Blaster?
The programmer responsible for code leading to Heartbleed says the flaw was accidental, despite its catastrophic consequences.
[UPDATE] Many networking products, including hardware, also run OpenSSL, the critical software component with a severe information disclosure vulnerability.
Bugs don't often get more severe than Heartbleed and OpenSSL, the affected code, is about as critical a library as there is on the Internet. Does it need special treatment?
Thousands of dollars have been awarded to bug hunters for the Chrome 34 release who reported 31 flaws, 19 deemed critical.
Microsoft Windows, Internet Explorer, Word and Publisher are patched, some products for the last time.