What is the HeartBleed OpenSSL Vulnerability, Flaw or Bug?
May 19, 2014
April 11, 2014
The HeartBleed vulnerability, I think, is one of the scariest cyber-threats the internet has ever seen. This vulnerability has shown us that the internet has flaws and that continuous updating or upgrading of software is very critical. The HeartBleed vulnerability is a glitch or bug in the OpenSSL software, which is used to secure sensitive data that travels from one computer to another. Some of the information it secures are: passwords, credit card, personal and other sensitive information.
Please continue reading below.
If you want to know if you are vulnerable to the HeartBleed glitch, you may use the link below.
OpenSSL is the free or open source version of SSL. SSL stands for Secure Socket Layer, and is a security technology for establishing an encrypted connection between two devices. This technology encrypts the information being transmitted from the sending computer and allows the receiving computer to decrypt it. Therefore, if someone, other than the sending or the receiving device is able to intercept the information that is sent, they will not able to understand or interpret it.
The reason I think HeartBleed is the scariest vulnerability discovered since the internet started, is because most of the big online companies and networking devices, which make the internet work, use this software.
If cybercriminals are able to exploit this vulnerability, they will be able to gain access to millions of online users’ information, which they will use to steal their identities, commit fraud, alter information, and the list goes on.
For the large internet companies like Google, Yahoo, Facebook, Twitter, Netflix and others, they have patched or fixed the HeartBleed vulnerability on their servers, so all their users have to do now as a precautionary measure is to change their passwords. If your other service providers have not yet patched or fixed the HeartBleed vulnerability, it doesn’t make sense changing your password, because even after changing your password, a hacker can exploit the vulnerability and still retrieve the new password.
So, ask all of your service providers if they have patched or fixed the HeartBleed flaw or vulnerability, and if they have, you may change your password. Most internet services will send out notifications to their users instructing them on what to do.
Now, for the networking device manufacturers, which make devices like routers, modems and other devices that connects you to the internet or other networks, will have a big task on their hands. This is because they will have to patch or fix the millions of networking devices that they have sold, that use OpenSSL to secure or encrypt the data that the devices transmit or send.
Although this encryption vulnerability is very serious, typical users have nothing much to worry about. Their internet service providers will do all or most of the work patching or fixing the OpenSSL flaw called HeartBleed. The most internet users will need to do is to change their passwords.
If you want to know if you are vulnerable to the HeartBleed glitch, please click here.
Please share with us what you know or ask a question about this article, by leaving a comment below. And, forward malicious email messages to us using the following email address: firstname.lastname@example.org .
Alert and help your family and friends by sharing this article with them: