Rediff.com« Back to articlePrint this article

Deadly 'Heartbleed' hits the Internet: Are you safe?

April 10, 2014 17:42 IST
A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin, Germany.

The 'Heartbleed' bug makes the website vulnerable and the information that you are typing in could land into the hands of a dirty hacker.

For the next couple of days before you decide to change your password, do check the website for an advisory stating the OpenSSL issue has been fixed. 

A few days back, a bug called the Heartbleed was discovered in a portion of the OpenSSL protocol, which encrypts sessions between consumer devices and websites, which in turn pings messages back and forth.

The experts say that this issue has exposed the Internet to high vulnerability and those looking to change passwords, store data files, bank account details and social security numbers.

The bug that has been found makes the website vulnerable and the information that you are typing in could land into the hands of a dirty hacker.

While sites like Yahoo, Google, Amazon and Facebook have already fixed the problem, there are millions of other sites which are still vulnerable to the Heartbleed bug.

Click NEXT to read more…

Deadly 'Heartbleed' hits the Internet: Are you safe?

April 10, 2014 17:42 IST

Considered to be one of the most deadliest bugs to have hit the internet till date, the experts say that the net would continue to be vulnerable unless websites do not introduce a patch to beat the bug.

A cyber security expert points out that while it would be advisable to transact majorly on the net unless there is a fix, the other issue is that people will not be able to tell if their data is safe or not.

Those websites which have not introduced patches to solve this problem will not give out a warning that the data of the consumer has been accessed. The bug is that deadly by nature, the expert warns.

Click NEXT to read more…

Deadly 'Heartbleed' hits the Internet: Are you safe?

April 10, 2014 17:42 IST

Heartbleed has affected more than 3/4th the Internet across the world.

The bug has been around since 2012 and the analysis of how much data has been stolen is still being analysed by various agencies across the world. The bug has hit and will continue to hit the consumer and the major problem is data theft.

The sites that are most vulnerable to this bug are the banking sites, social media and also the health sector websites. The hacker also is able to intercept the internet traffic on a system and capture data that is stored.

Experts say that those who have exploited the bug have and will continue to steal data by getting into the clients and servers. The hacker gets access to around 64 kilobytes of memory.

Click NEXT to read more…

Deadly 'Heartbleed' hits the Internet: Are you safe?

April 10, 2014 17:42 IST
Users should avoid using an OpenSSL until the problem is resolved.

The websites which are vulnerable to this bug need to re-key the SSL certificates. This would mean that patching to beat the bug is not the only cure.

The users will need to wait till the websites fix the issue but for the time being experts say that some steps could be taken to restrict the damage.

There are a couple of options that are available to the end user and in case he needs to check if the website is vulnerable or not, the same could be done at http://filippo.io/Heartbleed.

In addition to the user could avoid connected to open public networks. The use of hotspots should be avoided for the time being.

In case one would need to use the hotspot then he or she will have to first check if the VPN client is vulnerable to the bug or not. In addition to this users should avoid using an OpenSSL until the problem is resolved.

Click NEXT to read more…

Deadly 'Heartbleed' hits the Internet: Are you safe?

April 10, 2014 17:42 IST

There is no time estimate that has been given by anyone as to how long this problem would last.

Many websites have already begun the process to secure the websites, but since most than half the world has been affected there is a good chance that this issue could last for at least another month or so.

There is nothing much that really can be done by the user barring taking a couple of precautions. There is a considerable amount of awareness in the world today about this bug and the experts say that the necessary precautions will be taken by many. 

However the biggest problem is that the data that has already been compromised since the year 2012.

In such cases, there is no remedy available and the users would need to monitor their accounts and other details if they have been used or not.

Registering a complaint is one way to go, but the solution would not be available anytime soon, experts also point out.