Hi, I'm Hank Green, this is SciShow News and it turns out that both our online information and our bodies might not be as safe as we thought!  Exciting!

[Intro]

 You have probably, I hope, heard about the newly discovered threat to our online security, Heartbleed.  Heartbleed is not a virus, it's a coding error that is so small and so simple that it took two years for anyone to even notice it.  And more than a week after the bug was announced on April 7th, the Internet remained so vulnerable that a Canadian teenager was able to steal the private tax information of 900 people from Canada's revenue agency.

So you probably heard about it, but you probably do not understand how it works.  I'm gonna explain it to you.

When one computer wants to talk to another computer, for example when your home computer wants to talk to the server where your Tumblr keeps your blog, they open up a data stream.  But there's sensitive information in that stream, like your username and your password and your private, personal thoughts about those two kittens asleep in a drum kit.

So the data stream is encrypted, using an encryption tool called Transport Layer Security, or TLS.  Your machine and the other machine are both given a one-time key for decoding that encryption.  Once your session ends, the key is discarded and your decoded information is overwritten by new information coming in from the millions of other people who also think that those kittens are cute.

Your session remains open as long as both machines keep exchanging little heartbeats, little packets of information that tell the computers that their buddy is still there.  It's from those heartbeats that Heartbleed gets its incredibly cool name.

Heartbleed is what happens when one computer lies to the other computer about the size of the packet of data that it wants to swap.  So if your laptop sends out a packet that's, say, ten characters, but it tells the other computer that it's 64,000 characters long, that other server will obediently send back 64,000 characters of data.  The un-encrypted data from its users that was supposed to be overwritten without ever being accessed.  Sometimes what it sends back is just random junk, and sometimes it's your password.

It seems crazy that this could happen, until you find out that all the big name companies that are using TLS encryption aren't actually paying for it.  Instead, they all use a free, open source software called OpenSSL, and the whole thing, the most important encryption program in the world, is kept running by just one full time programmer and a small group of people who work on it on the side.

Of course, a group of people who have now fixed the code, thankfully.

Now let's talk about something that is is a virus, the flu.  Flu pandemics are one of the scariest potential threats to public health, so scary that since the outbreak of the H1N1 swine flu in 2009, governments around the world have stockpiled billions of dollars worth of anti-flu medication.  But a new report from the British Medical Journal reveals that these drugs don't really do much.

Viruses are just protein-coated packages of genetic information, either DNA or RNA, that can live in the cells of almost any living thing and use them to reproduce.  In some cases, vaccines made from killed viruses can protect people from infection, but they can be hard to produce, so governments have often turned to alternatives that just slow viruses down.

Since 2009, a favorite of the US and UK has been a class of drugs known as neuraminidase inhibitors, or NAIs.  Sold under the names Tamiflu and Relenza, these drugs have been said to work by blocking the protein neuraminidase that viruses use to escape their host cells.  But just how effective these drugs are has been controversial in medical circles, and some research has shown that viruses are becoming increasingly resistant to whatever effects they do have.

Now the new British study finds that drugs like Tamiflu are, in its author's words, "scarcely more effective than aspirin in treating the flu."  After reviewing 46 studies performed on 24,000 people who have taken Tamiflu or Relenza, a medical nonprofit known as the Cochrane Collaboration found that NAIs don't reduce the risk that you'll catch the flu.

Compared with a placebo, Tamiflu did shorten the presence of flu symptoms by an average of 0.7 days in adults, but it did not reduce the risk of dangerous complications from the flu, like pneumonia, bronchitis, or secondary infections, and it didn't reduce the rate of hospitalizations among patients.

What's more, the results did show that about 4% of patients suffered side effects like nausea and vomiting, and 1% experience psychiatric effects that appeared to be linked to the drugs.  So, why are we just finding out about this now?  Turns out public health officials bought up billions of dollars worth of Tamiflu based on studies that drug companies never actually showed them.

The studies were only released after four years of public pressure by the Cochrane Collaboration.  Since the study came out, officials have defended their decisions by saying that NAIs were better than nothing at all, which may in fact be true, but transparent science would have been a lot better.

Thank you for watching SciShow News, especially to our Subbable subscribers.  To learn how you can support us, just go to subbable.com/scishow to learn more.  And be sure to check out our new channel, SciShow Space, for all the latest space news and weekly forays into the fascinating depths of the cosmos!  If you have any questions you can find us on Facebook and Twitter and as always down in the comments below.  And if you want to keep getting smarter with us, you can go to youtube.com/scishow and subscribe.