Being touted as the most threatening security bug to ever rock the World Wide Web, Heartbleed surfaced earlier this week and continues to be a major threat for internet users. The encryption flaw makes almost any password protected account on the internet vulnerable to an outright breach. The bug is not only affecting websites like Gmail, Yahoo and Facebook but can also potentially expose bank account and credit card numbers. The bug was reportedly discovered by a member of Google's security team and a software security firm called Codenomicon. The bug has the ability to run down any SSL security encryption and forge or duplicate authentication cookies to access personal information. As the fight to fix this bug continues, here is all that you need to know about Hearbleed bug –
How Does Heartbleed Function?
Heartbleed creates voids or openings in SSL/TLS encryption technology marked by the small, closed padlock and "https:" on Web browsers to show that traffic is secure. In simple words – it is a bug that is presently running on the servers of almost all the websites in the world using open SSL encryption. It allows hackers to trespass in the encryption between you and the site in order to access private information.
Are All The Websites Affected By This?
No, not all the websites are affected by Heartbleed. Only the websites running open SSL security encryption are vulnerable to hack attacks.
Is This A Hack Attack?
Actually, this is not a major hack attempt. This is a just a code error (or accident) by the team who created OpenSSL.
Is It Being Fixed?
Well, yes it is. A patch which is usually implemented to fix this leak is being used currently by every major Linux distributer and cloud host. But as the internet is a cosmos in itself, it will take some time for every website to become secure.
What Are The Major Websites Affected
Tumblr, Gmail, Yahoo Mail, Google and Yahoo
Which Major Websites Remain Unaffected
LinkedIn, AOL, Hotmail/outlook, Amazon and Microsoft
Will Changing Passwords Help?
Though it is advisable to change your passwords, it will actually not be of much help. Changed passwords will undoubtedly resist the hack but will eventually be breached till the time the bug is alive.
Arrange by dearJulius.com Team