Heartbleed
A two-line patch added a feature to OpenSSL. A two-year-old typo in that feature let anyone read sixty-four kilobytes at a time from any server using it.
In April 2014, researchers from Google and the Finnish security firm Codenomicon independently disclosed a flaw in OpenSSL, the open-source library that handled encryption for an estimated two-thirds of the web's servers. The flaw was branded Heartbleed and given its own logo, a small bleeding heart — the first major vulnerability to be marketed with corporate design assets.
Sixty-four kilobytes at a time
The technical mistake was small. OpenSSL had added support for a TLS extension called Heartbeat, a keep-alive mechanism. The implementation neglected to validate a length field. By sending a request that claimed a longer payload than was actually present, an attacker could trick the server into returning sixty-four kilobytes of whatever happened to be in adjacent memory.
That memory routinely contained session cookies, plaintext usernames and passwords, and — in some cases — the server's own private TLS key. There was no log entry left behind. The flaw had been in shipped code for roughly two years before it was found.
A global key rotation
Almost every major service on the internet had to revoke and reissue TLS certificates, force password resets, and replace SSH keys. Cloud providers spent the week running emergency rebuilds. The Linux Foundation founded the Core Infrastructure Initiative shortly after, partly in recognition that a piece of software underpinning most of the web was being maintained by a small group of underfunded volunteers.
What the chronicle remembers
Heartbleed reframed open-source security as a public-goods problem. Free software runs the internet, but the funding to audit and maintain it had been quietly assumed. After 2014, that assumption was a little harder to make with a straight face.