Tatsuya Hayashi, the researcher who found one of the critical bugs, told the Guardian that the latest flaw “may be more dangerous than Heartbleed” as it could be used to directly spy on people’s communications.
Heartbleed was deemed to be one of the most critical internet vulnerabilities ever when it was uncovered in April. OpenSSL is supposed to protect people’s data with digital keys but has been exposed as flawed numerous times in recent months.
The latest vulnerability was introduced in 1998 and has been missed by both paid and volunteer developers working on the open-source project for 16 years.
http://www.theguardian.com/technology/2014/jun/06/heartbleed-openssl-bug-security-vulnerabilities
Although, I guess if it’s been there 16 years maybe it’s not *that* bad?