| This is the talk page for discussing improvements to the Heartbleed article. This is not a forum for general discussion of the article's subject. |
Article policies
|
| Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
Archives: 1, 2, 3, 4Auto-archiving period: 120 days  |
 | Heartbleed was one of the Engineering and technology good articles, but it has been removed from the list. There are suggestions below for improving the article to meet the good article criteria. Once these issues have been addressed, the article can be renominated. Editors may also seek a reassessment of the decision if they believe there was a mistake. | |||||||||||||||||||||
| ||||||||||||||||||||||
 | This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||
 | This article has been viewed enough times in a single week to appear in the Top 25 Report. The week in which this happened:
|
Community reassessment edit
Heartbleed edit
- Article (edit | visual edit | history) · Article talk (edit | history) · Watch • • Most recent review
- Result: Delisted due to the verifiability concerns raised by Vanamonde93. Mz7 (talk) 10:45, 2 February 2019 (UTC)
- In the four years since this article was listed as a GA, a number of verifiability problems have crept in, to the extent that the page no longer meets the Verifiability criterion for Good Articles. I'm listing this for community reassessment because although I noticed this page in skimming through some GAs, I have had unpleasant interactions with the editor who nominated this for GA status (who has since been indeffed for sockpuppetry). Vanamonde (talk) 06:09, 2 January 2019 (UTC)
This is an atypical peer review for an article I have been trying to improve myself. I guess I just wanted a place to put down my thoughts on how we can get this article back to WP:GA status.
- About
When I think of internet security vulnerabilities, I remember Heartbleed. At the time, it was incredibly scary and impactful (even to me as a kid in High School). It was the first real bug I had witnessed first hand (not being around for the Y2K bug).
- Problems
(1) A massive portion of this article relies on sources from the year 2014. I mean there are a handful of sources from after that, but the vast majority were written in 2014. I have to imagine a good part of the reason this article was reason was the WP:ITN/awareness-aspect of it.
(2) Pretty much a ton of the actual citations are primary sources. Generally, they are links to statements posted by websites about how Heartbleed has disrupted their service. These should be replaced with secondary sources wherever possible.
(3) The references need a consistent formatting anyways.
(4) Structure. The article is written is a pretty counterintuitive way. I will let it speak for itself:
Extended content
|
|---|
1 History 1.1 Discovery 1.2 Bugfix and deployment 1.3 Certificate renewal and revocation 1.4 Exploitation 1.4.1 Possible prior knowledge and exploitation 2 Behavior 2.1 Affected OpenSSL installations 2.1.1 Vulnerable program and function 2.2 Patch 3 Impact 3.1 Client-side vulnerability 3.2 Specific systems affected 3.2.1 Websites and other online services 3.2.2 Software applications 3.2.3 Operating systems/firmware 3.3 Vulnerability testing services 4 Remediation 4.1 Browser security certificate revocation awareness 5 Root causes, possible lessons, and reactions 6 References 7 Bibliography 8 External links |
- Solutions
More scholarly sources are needed, and a complete rewrite is probably needed in some places. The structure should likely look something like this:
| View the source code for additional notes |
|---|
| The following discussion has been closed. Please do not modify it. |
|
Hopefully that helps people in the future.. Probably myself. –MJL ‐Talk‐☖ 04:36, 19 January 2021 (UTC)