A think tank opinion piece that claims the threat from the Heartbleed bug is overblown has sparked a debate among researchers over the seriousness of the OpenSSL flaw.