Cover photo
Robin Battey
183 followers|125,413 views


Robin Battey

commented on a video on YouTube.
Shared publicly  - 
This is a pretty good rundown on heartbleed, except the part about heartbeats being used to keep connections alive. They're not used, basically at all, by anyone, except to exploit this bug. Android phones weren't affected, for instance, because they don't even support the heartbeat extension. It's an almost completely unused part of the standard.

Also, it's SSL, not just TLS. TLS is a subset of SSL, or arguably a predecessor -- but (the rest of) SSL was affected as well. Also, the product containing the bug is called OpenSSL, so there's that, too.

The rest is right on the money, though!