“Heartbleed” Bug Causes Mass Internet Security Concerns

Date April 10, 2014 Author Comments Leave your thoughts
Heartbleed security concern

The “Heartbleed” bug has caused mass internet security concerns.

A critical vulnerability in OpenSSL (OpenSSL Private Key Disclosure Vulnerability) was recently disclosed, affecting servers running OpenSSL 1.0.1 through 1.0.1f.  This vulnerability allows arbitrary memory readout, which effectively exposes primary key material, allowing hackers to read confidential encrypted data, and compromises the integrity of the secure channel.

Over the past day there has been some significant mass media coverage of the software flaw, alerting the public to the potential vulnerabilities of over half a million websites, including Yahoo and some major banks.

However, as echoed by this Guardian article, we would urge web-users not to rush into changing all of their passwords; doing so could increase the risks posed by the bug, which has been ominously dubbed “Heartbleed”.

Categorised in

Author Gregg Meade

Leave a Reply

Your email address will not be published. Required fields are marked *