Perhaps, the well-known secure networking service will close down 1/8 of its capacity because of the Heartbleed bug. Tor, which allows everyone to access the Internet untraceably, works on a network of donated servers that bounce encrypted data between themselves prior to returning back on to the open web. If there are enough internal relays, you won’t be able to determine which traffic is coming from which machines.

The problem is that some Tor nodes are operating on servers with OpenSSL versions 1.0.1 to 1.0.1f installed, which are vulnerable to the Heartbleed flaw. In other words, an attacker could theoretically exploit the bug on those servers to find internal information relating to the service itself, thus compromising the security of the whole network.

This discovery was reason for Roger Dingledine, one of the initial developers of Tor, to suggest that nodes which run the vulnerable versions of OpenSSL should not be used in the network anymore. He admitted that if the other directory authority operators follow suit, Tor will lose about 12% of the exit capacity plus 12% of its guard capacity. The plans are that the servers are allowed to be back on once they have upgraded their OpenSSL. However, if they remain vulnerable, Dingledine really doesn’t want that identity key on the Tor network even after they have upgraded their OpenSSL. Hopefully, the cut won’t be noticed by ordinary users.