Heartbeat Heartbleed Bug Breaks Worldwide Internet Security Again

Heartbleed Bug

Heartbleed Bug

 

Every day you use encryption technology to protect your data, your applications and online services . Most of the time most people are blissfully unaware it is even happening. Whether you are a consumer accessing your Internet bank site, using a mobile application to log in and share data or trading online most of our use of modern technology involves this key capability and without it trust on the Internet is significant undermined. A new bug, again, puts trust on the Internet at risk on a significant scale. The bug, dubbed ‘heartbleed’ is based on a fault in functionality in the widely usedOpenSSL library. It was originally discovered by Neel Mehta of Google GOOG +1.65% Security. This library is extremely widely used from security vendors products to secure web browsing (when you log in to a site and see https://) and even mobile banking applications.  The Apache web serverwhich powers a substantial part of the Internet tends towards using OpenSSL. You may be using it at your business right now and many popular services likeYahoo YHOO +3.07% have been shown to be vulnerable (see the image below). UPDATE Yahoo is no longer vulnerable to the attack, but there may have been significant data leaked for the extended period where they were running the vulnerable software.  Continue reading