What is Heartbleed and how does it impact you
Published on 10 April 14
Bharath
0
If you think you were on a secured connection looking at https in the url over the past 2 years, then you need to wake up. The secured internet is currently bleeding with the problem called Heartbleed. Read below to know more about the what is Heartbleed and how does it impact you.
What is Heartbleed?
Heartbleed is a programming error (a.k.a bug) in the Open SSL code used by two thirds of the websites to protect customer/consumer information from hackers. Open SSL is used to transfer data between two devices over a secured line.
It isn�t a simple bug to do a quick fix in a application, the vulnerability lies on the servers that processes and transmit secure information.
What is the affect?
Web Servers keep most of the information in active memory like usernames, passwords, email ids etc., which can be accessed. Even more worse is the encryption keys that can be stolen using this flaw. With the help of these encryption keys a hacker can decode the encrypted information.
Its like all your information lies in a encrypted format in the server and an encrypted key is generated. With this flaw the hacker can steal the encrypted key and decode your information..
Should I be bothered?
Though the issue is prevalent for the past two years, but there is no trace of a hacker having got through it. It is the researchers from Codenomicon who found it first. The OpenSSL team has already fixed it and all the leading service providers have been implementing the fix. The word got spread out after the fix has been applied.
How should I protect my information?
Since there is nothing you can do about it, you may change your passwords to keep you information secure.
You can also visit Heartbleed website fore more information
It isn�t a simple bug to do a quick fix in a application, the vulnerability lies on the servers that processes and transmit secure information.
What is the affect?
Web Servers keep most of the information in active memory like usernames, passwords, email ids etc., which can be accessed. Even more worse is the encryption keys that can be stolen using this flaw. With the help of these encryption keys a hacker can decode the encrypted information.
Its like all your information lies in a encrypted format in the server and an encrypted key is generated. With this flaw the hacker can steal the encrypted key and decode your information..
Should I be bothered?
Though the issue is prevalent for the past two years, but there is no trace of a hacker having got through it. It is the researchers from Codenomicon who found it first. The OpenSSL team has already fixed it and all the leading service providers have been implementing the fix. The word got spread out after the fix has been applied.
How should I protect my information?
Since there is nothing you can do about it, you may change your passwords to keep you information secure.
You can also visit Heartbleed website fore more information
This blog is listed under
Networks & IT Infrastructure
and IT Security & Architecture
Community
Related Posts:
Post a Comment
