Heartbleed - who knew what when, and what public actions they took, and who didn’t know.
via https://news.ycombinator.com/item?id=7589286
http://www.smh.com.au/it-pro/security-it/heartbleed-disclosure-timeline-who-knew-what-and-when-20140415-zqurk.html
Interesting that a NDA can be a convenient tool to avoid disclosure to end users.