Jump to content

Talk:Heartbleed

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
Former good articleHeartbleed was one of the Engineering and technology good articles, but it has been removed from the list. There are suggestions below for improving the article to meet the good article criteria. Once these issues have been addressed, the article can be renominated. Editors may also seek a reassessment of the decision if they believe there was a mistake.
In the news Article milestones
DateProcessResult
November 25, 2014Good article nomineeListed
February 2, 2019Good article reassessmentDelisted
January 19, 2021WikiProject peer reviewReviewed
In the news A news item involving this article was featured on Wikipedia's Main Page in the "In the news" column on April 8, 2014.
Current status: Delisted good article

Community reassessment

[edit]
Article (edit | visual edit | history) · Article talk (edit | history) · WatchWatch article reassessment pageMost recent review
Result: Delisted due to the verifiability concerns raised by Vanamonde93. Mz7 (talk) 10:45, 2 February 2019 (UTC)[reply]
  • In the four years since this article was listed as a GA, a number of verifiability problems have crept in, to the extent that the page no longer meets the Verifiability criterion for Good Articles. I'm listing this for community reassessment because although I noticed this page in skimming through some GAs, I have had unpleasant interactions with the editor who nominated this for GA status (who has since been indeffed for sockpuppetry). Vanamonde (talk) 06:09, 2 January 2019 (UTC)[reply]


This is an atypical peer review for an article I have been trying to improve myself. I guess I just wanted a place to put down my thoughts on how we can get this article back to WP:GA status.

About

When I think of internet security vulnerabilities, I remember Heartbleed. At the time, it was incredibly scary and impactful (even to me as a kid in High School). It was the first real bug I had witnessed first hand (not being around for the Y2K bug).

Problems

(1) A massive portion of this article relies on sources from the year 2014. I mean there are a handful of sources from after that, but the vast majority were written in 2014. I have to imagine a good part of the reason this article was reason was the WP:ITN/awareness-aspect of it.

(2) Pretty much a ton of the actual citations are primary sources. Generally, they are links to statements posted by websites about how Heartbleed has disrupted their service. These should be replaced with secondary sources wherever possible.

(3) The references need a consistent formatting anyways.

(4) Structure. The article is written is a pretty counterintuitive way. I will let it speak for itself:

Extended content
1	History
1.1	Discovery
1.2	Bugfix and deployment
1.3	Certificate renewal and revocation
1.4	Exploitation
1.4.1	Possible prior knowledge and exploitation
2	Behavior
2.1	Affected OpenSSL installations
2.1.1	Vulnerable program and function
2.2	Patch
3	Impact
3.1	Client-side vulnerability
3.2	Specific systems affected
3.2.1	Websites and other online services
3.2.2	Software applications
3.2.3	Operating systems/firmware
3.3	Vulnerability testing services
4	Remediation
4.1	Browser security certificate revocation awareness
5	Root causes, possible lessons, and reactions
6	References
7	Bibliography
8	External links
Solutions

More scholarly sources are needed, and a complete rewrite is probably needed in some places. The structure should likely look something like this:

View the source code for additional notes
The following discussion has been closed. Please do not modify it.
  1. Overview
  2. History
    1. Origins
    2. Discovery
    3. Bugfix and deployment
  3. Behavior
  4. Effects
    1. Services affected
      1. Websites
      2. Software
      3. Operating systems and firmware
    2. Certificate revocations
    3. Exploitation
    4. Impact
  5. Reactions
  6. References
  7. Bibliography

Hopefully that helps people in the future.. Probably myself. –MJLTalk 04:36, 19 January 2021 (UTC)[reply]