It turns out the engineer behind the Heartbleed bug introduced it on New Year’s Eve 2011, and he says he “missed the necessary validation oversight.” German programmer Robin Seggelmann says the error he introduced into the open-source OpenSSL software used by many websites was “quite trivial,” but he knows its impact has been “severe.” He also denied that it was done with malicious intent, saying it was “a simple programming error in a new feature, which unfortunately occurred in a security relevant area.” Seggelmann did point out, however, that the discovery of the bug proves the benefits of open-source software, as “anyone can review the code in the first place.”
Read it at The Sydney Morning Herald