Heartbleed Shows Government Must Lead on Internet Security

Scientfic American: Heartbleed is the most serious Internet security flaw yet. For about two years, two thirds of Web sites were susceptible to having their memory extracted by remote attackers—memory containing private information, passwords and encryption keys. Heartbleed attacks would not have shown up in most sites’ logs, so we can’t be sure how widely it was exploited or what might have leaked. Some evidence suggests active exploitation of Heartbleed as long ago as November 2013, but researchers are still working to verify those claims.

Read article