[Wired] How Heartbleed Broke the Internet – And Why It Can Happen Again

Posted on


[…] It’s no surprise that a small bug would cause such huge problems. What’s amazing, however, is that the code that contained this bug was written by a team of four coders that has only one person contributing to it full-time. And yet Henson’s situation isn’t an unusual one. It points to a much larger problem with the design of the internet. Some of its most important pieces are controlled by just a handful of people, many of whom aren’t paid well — or aren’t paid at all. […] We need a dedicated and well-funded engineering task force overseeing not just online encryption but many other parts of the net.

[…] Mozilla, maker of the Firefox browser, reported revenues of more than $300 million in 2012. But the OpenSSL Software Foundation, which raises money for the project’s software development, has never raised more than $1 million in a year; its developers have never all been in the same room. And it’s just one example. […]

http://www.wired.com/2014/04/heartbleedslesson/