Wired

After Heartbleed, We're Overreacting to Bugs That Aren't a Big Deal

Here’s something else to blame on last April’s Heartbleed security bug: It smeared the line between security holes that users can do something about, and those we can’t. Getting that distinction right ...
Ars Technica

Heartbleed vulnerability may have been exploited months before patch [Updated]

Update: Errata Security’s Robert Graham has acknowledged that he was mistaken in his assessment, and that private keys could be at risk. The original story below has been marked up accordingly. The ...