Skip to main content

"Heartbleed" Bug causes major security headaches across the Internet websites

A confounding computer bug called "Heartbleed" is causing major security headaches across the Internet as websites scramble to fix the problem and Web surfers wonder whether they should change their passwords to prevent theft of their email accounts, credit card numbers and other sensitive information.

Heartbleed creates an opening in SSL/TLS, an encryption technology marked by the small, closed padlock and "https:" on Web browsers to signify that traffic is secure. The flaw makes it possible to snoop on Internet traffic even if the padlock had been closed. Interlopers could also grab the keys for deciphering encrypted data without the website owners knowing the theft had occurred, according to security researchers.

The problem affects only the variant of SSL/TLS known as OpenSSL, but that happens to be one of the most common on the Internet. About two-thirds of Web servers rely on OpenSSL, Chartier said. That means the information passing through hundreds of thousands of websites could be vulnerable, despite the protection offered by encryptions. Beside emails and chats, OpenSSL is also used to secure virtual private networks, which are used by employees to connect with corporate networks seeking to shield confidential information from prying eyes. Yahoo, Google and Facebook confirmed they had been affected by the OpenSSL flaw and had applied fixes to their systems.

Yahoo, which has more than 800 million users around the world, said Tuesday that most of its popular services had been fixed, but work was still being done on other products that it didn't identify. The repairs have been made on a list of services that includes its home page, search engine, email, finance and sport sections, Flickr photo-sharing service and its Tumblr blogging service. Security experts said Yahoo users, in particular, should change their passwords, because that company had not completely patched its software until after the flaw became public. On Tuesday afternoon, while looking for vulnerabilities, researchers reported that they had been able to capture user names and passwords from Yahoo.

Google is so confident that it inoculated itself against the Heartbleed bug before any damage could be done that the Mountain View, California, company is telling its users they don't have to change the passwords they use to access Gmail, YouTube and other product accounts. More than 425 million Gmail accounts alone have been set up worldwide.

Facebook, which has more than 1.2 billion account holders, also believes its online social network has purged the Heartbleed threat. But the company encouraged "people to take this opportunity to follow good practices and set up a unique password for your Facebook account that you don't use on other sites."

Twitter and e-commerce giant Amazon say their websites weren't exposed to Heartbleed.
The folks over at Mashable have also set up a handy list of other services for which you might need to change your password, thanks to Heartbleed.

Comments

Popular posts from this blog

How to setup a repair center for Mobilephones, laptops & computers?

Starting any business requires much thought and research. Below are some points that need to be considered before starting an electronic devices repair business.

1. Domain Knowledge
As an entrepreneur you should have the necessary domain knowledge to handle electronic devices. We advise you to have the necessary educational qualifications to back you, namely diploma or degree in electronics. If not appropriately qualified, you should at least possess knowledge by having worked in a repair store.

2. Location
The first thing to consider here is to select a storefront to setup your business. Having a storefront means your business is out there for everyone to see, to visit, and the potential for income can be pretty high. Physical location is going to be key. You want a place with easy access, in an area with a large enough customer base to attract, and preferably in an area with little or no competition. These three factors can make or break your business and should be considered with care.…

Samsung has introduced four new budget smartphones

Samsung has introduced four new smartphones - Galaxy Core II, Galaxy Ace 4, Galaxy Young 2, Galaxy Star 2. All new Galaxy devices run the latest Android 4.4 operating system.





www.bigfix.in

USSD Code of Telecom operators in India

#Airtel #Aircel #Idea #Vodafone #BSNL #Reliance #Docomo USSD Codes ---