Programmer behind Heartbleed speaks out: It was an accident

A computer programmer whose coding mistake resulted an internet bug known as Heartbleed - leaving millions of internet users and websites vulnerable to hackers - said he did not do it deliberately, according to the Sydney Morning Herald. 

German computer programmer Robin Seggelman, 31, said he wrote a code for OpenSSL, an open-source software project, that introduced the bug in December 2011.

Heartbleed is a programming flaw in Heartbeat, an extension for OpenSSL, itself an encryption tool to help make websites and online communication more secure. Up to two-thirds of internet traffic was exposed since the bug surfaced in 2011, according to Mashable. Engineers at Finland-based security firm Codenomicon discovered the bug, and it was publicly announced on Monday.

Seggelmann told the Sydney Morning Herald that the actual error was "trivial", but that its impact was clearly severe.

Open-source software projects like OpenSSL are attractive to many services as an easily implemented security tool. Although anyone can contribute to OpenSSL - either by contributing code or reviewing it to spot vulnerabilities like Heartbleed - few actually do.

"It would be better if more people helped improving it," Seggelmann told Mashable via email. "It doesn't really matter if companies benefitting from it provided some support, or if people do it in their spare time. However, if everybody just keeps using it and thinks somebody else will eventually take care of it, it won't work. The more people look at it, the less likely errors like this occur."

Today, most sites affected have patched the Heartbleed bug, according to Mashable.

No comments yet.
Be the first to post comment.