Major bug called ‘Heartbleed’ exposes Internet data --- A newly discovered security bug nicknamed Heartbleed has exposed millions of usernames, passwords and reportedly credit card numbers — a major problem that hackers could have exploited during the more than two years it went undetected. -- It’s unlike most of the breaches reported over the past few years, in which one Web site or another got hacked or let its guard down. The flaw this time is in code designed to keep servers secure — tens of thousands of servers on which data is stored for thousands of sites. -- That’s why some experts were calling Heartbleed the worst bug yet, something that should worry everyone who frequents the Internet or does business on it. -- It’s as if someone went on vacation not knowing the lock on the front door was broken. Could someone walk in? Yes. Will they? Did they? Who knows. --- Codenomicon, the Finnish security firm that helped discover the bug offered a chilling illustration of its danger: --- While companies were scrambling to implement a fix this week, nobody seemed to know whether any damage had been done. -- The bug was found in a type of software called OpenSSL, which is used on servers to encrypt sensitive information to protect people’s privacy. At least 500,000 servers were reportedly vulnerable. - More, Lindsey Bever, Washingtonpost, at: http://www.washingtonpost.com/news/morning-mix/wp/2014/04/09/major-bug-called-heartbleed-exposes-data-across-the-internet/?hpid=z3
0 Comments:
Post a Comment
<< Home