Security experts warn internet users against ‘Heartbleed’ bug

09 Apr 2014

1

Security experts have cautioned internet users to be on the alert after they raced to assess the damage done by Heartbleed after the discovery of a bug in technology that runs encryption for two-thirds of the internet.

Security experts warned that highly sensitive information such as credit card numbers, usernames, and passwords might have been compromised after a bug was uncovered in software meant to give added protection to thousands of the world's most popular web sites.

After the discovery of the bug, Heartbleed, several web sites have advised users to change their passwords.

''This might be a good day to call in sick and take some time to change your passwords everywhere - especially your high-security services like email, file storage, and banking, which may have been compromised by this bug,'' Tumblr wrote in a note to its many users.

''The little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit.''

Meanwhile, owner of Tumblr, Yahoo, confirmed that its users' passwords had been compromised.

The bug was discovered late last week in the OpenSSL technology that runs encryption for two-thirds of the internet. The researchers who discovered it said that most internet users ''are likely to be affected either directly or indirectly.''

Meanwhile, the discovery has led the US government's Department of Homeland Security advising businesses yesterday to review their servers to check whether they were using vulnerable versions of OpenSSL.

According to computer security experts, it meant victims would not be able to tell if their data had been accessed, which was troubling as the bug had existed for about two years.

Reuters quoted Michael Coates, director of product security for Shape Security as saying that if a web site was vulnerable others could see things like users' password, banking information and healthcare data, which they sent under the impression that the web site was secure.

According to Chris Eng, vice president of research with software security firm Veracode, hundreds of thousands of web and email servers around the globe would need to be patched as soon as possible to protect them from attack by hackers who would rush to exploit the vulnerability now that it was publicly known.

Business History Videos

History of hovercraft Part 3...

Today I shall talk a bit more about the military plans for ...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of hovercraft Part 2...

In this episode of our history of hovercraft, we shall exam...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Hovercraft Part 1...

If you’ve been a James Bond movie fan, you may recall seein...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Trams in India | ...

The video I am presenting to you is based on a script writt...

By Aniket Gupta | Presenter: Sheetal Gaikwad

view more