Heartbleed Bug poses a huge security risk to millions of web servers. It exposes visitors to spying and eavesdropping, exposes passwords and website encryption keys.
Don't forget to like us on FACEBOOK, thanks so much!
Sites that use OpenSSL versions 1.0.1. through 1.0.1f are exposed to a security vulnerability that is commonly known “Hearhbleed” bug. It is contained within a software library of this software, which has been designed to safely encrypt and decrypt data. According to experts, Heartbleed is one of the most serious security flaws in recent years. Researchers working for Google and Codenomicon, security company, have found the bug in OpenSSL.
Anyone visiting sites that have been affected by this security issue are potential targets of data theft. "If you need strong anonymity or privacy on the internet, you might want to stay away from the internet entirely for the next few days while things settle," said a blog entry by Tor Project. Most websites use OpenSSL as it is known to be the safest technology on the Internet, when it comes to data protection.
Heartbleed poses a Serious Vulnerability Issue
Because OpenSSL is widely used on server running Apache and Nginx server software, the amount of websites that are affected is huge. Statistics from Netcraft, net monitoring company, suggest that some 500,000 web servers are running versions that have a bug. "It's the biggest thing I've seen in security since the discovery of SQL injection," said Ken Munro, a security expert at Pen Test Partners.
This is a serious thing, even Mojang, maker of the Minecraft, game took all services offline until the fix for the bug comes out. Many firms had to shut down their services until the issues has been resolved. Others, like Amazon, managed to patch the Heartbleed bug, though if you want to stay on the safe side, it could be wise to avoid any online purchases until we see an announcement that the issue had been fully resolved.
"If a website is vulnerable I could see things like your password, banking information and healthcare data, which you were under the impression you were sending securely to your website," said Michael Coates, director of product security for Shape Security.
Exploitation of the bug could be widespread, but attacks leave no trace so it’s almost impossible to know how many visitors have become victims. I am going to change all my passwords now and I suggest you do the same. Email servers use OpenSSL as well, so here are few tips to keep your email secure.
Dolores is SEO and Digital Marketing consultant who has been completely hog-washed into doing this site by KC.