Showing posts from November, 2017

Heartbleed - explained in simple terms

Overview

Heartbleed is a bug (a mistake in the implementation of the software) in a very widely used cryptographic library called OpenSSL. Any application that uses the buggy version of OpenSSL will be compromised, as this bug has the potential to expose important and sensitive user information. The sad part is that no one would even know if some hacker got hold of users' sensitive information, such as passwords and credit card info. The bug was introduced into the OpenSSL library in 2011 and stayed there undiscovered until 2014. OpenSSL is open source software that provides an implementation of the Transport Layer Security (TLS) protocol. In other words, OpenSSL encrypts the information being exchanged between a client and a server.

Why is it called heartbleed?

The OpenSSL library provides a heartbeat extension service, which makes sure the connection between the client and server is kept alive. The bug was in this heartbeat ...