From Missingno to Heartbleed: Buffer Exploits and Buffer Overflows

Tom Scott
Tom Scott
935,267
0
Published 2014-04-08
Buffer exploits are one of the basic bugs of computer science. They're responsible for glitches in games, for all sorts of viruses and exploits, and any number of technical disasters. Here's the basics of how they work, and a non-technical breakdown of Heartbleed, this week's rather startling attack.
All Comments (21)
  • @stanrogers5613
    “If debugging is the process of removing bugs, then programming must be the process of putting them in.” - Edsger Dijkstra
  • @GNUGradyn
    "the technical folks are going to be cringing" network engineer here, this is actually an excellent explanation. well done tom
  • @mckennacisler01
    You know you should worry about your computer when someone in a YouTube video fakes a low frame rate and you don't even notice it...
  • @badatcad
    your blue screen didn't fool me, I know mine look different in windows 10 because i've gotten two in the last 12 hours. ohgodsendhelp
  • @elementneon
    I was at Defcon 2 weeks ago, at a party, and ran into the security expert that discovered Heartbleed, got to spend quite a bit of time with him. It often surprises me how small a percentage of people that work in the security industry actually do most of the discovery work we hear about. While at these parties, it always the same 50-100 people that are present the entire time, even as the industry continues to explode in personnel numbers.
  • @oakeydokey2
    i'm on linux and i fell for the bluescreen. damnit.
  • @ElegantEnsue
    Ahaha that smile at the end after he says "who put that there in the first place" it was almost guilty ;D
  • @notbobby125
    Gandhi was originally a nuke loving monster in Civilization because of an overflow error. In Civilization 2, Gandhi was programmed to be pacifist, so he had a "desire to use nukes" value of 1 out of 10. The game designers also decided that any AI Civs that adopted democracy would have their "desire to use nukes" value lowered by two. For all the other civs, this was fine, however, for Gandhi, it caused his "want to use nuke" value to "drop" to 255, turning him from a friend to a nuclear monster that desired nothing but to watch the world burn. In Civilzations V, the game designers, in a nod to the glitch and the "Gandhi nuked me" memes, gave Gandhi a 12 out of 10 desire to use nukes, higher than anyone else in the game.
  • @produKtNZ
    I was quietly hoping Tom Scott put a secret message in the fake bluescreen, but all I got was " o¿ù³Ô" You disappoint me Tom :D
  • @prosincr
    I was on mobile, your blue screen doesn't fool me
  • @MisterSecurity702
    That smile at the end as it's fading to black though... Bwahahahahahahahaha
  • @jimpikles
    I was disappointed by the lack of Pokemon in this video.
  • @Mae_is_gae
    I really don't mind buffer overflow, at all. it gave me 128 master balls, so I see no issue!
  • @gwaur
    This video about Heartbleed was so much more understandable to me than the Computerphile video. From CP I just didn't gather what the whole heartbeat thing was at all, but you worked the way up there. Thank you, Tom.
  • @teharbitur7377
    1:56 I totally started cursing at my internet connection. Fucking genius :D