Recently, a huge security scare plagued the internet. This security vulnerability was coined The Heartbleed Bug, named for its relationship to the heartbeat on a server. The internet was in shock, emails were flying to reset passwords, and experts warned of an ominous outcome.
Before we can understand what exactly happened, we need to understand what The Heartbleed Bug is all about.
OpenSSL is an open source library of sorts. It allows for encryption of a connection on the internet. SSL stands for Secure Socket Layer, and is most easily recognized by the green bar or symbol in the left hand side of your browser’s address bar. It also is identified by the use of https:// a secure form of http://.
In a vulnerable version, an attacker can use the internet to access memory of a server via an exploited heartbeat. This memory may hold sensitive information. Since a large.
In short, yes. A patch was released. However, in order to no longer be vulnerable, it is imperative that the patch is installed.
At this point in time, most important internet vendors have completed the patch. In addition, hosting providers rolled out their patches for servers.
Absolutely! Even if you are not in charge of a server, there are several things you can do:
With a little precaution and some password updates, your internet assets can continue to stay safe.
Codenomicon. (2014, May 21). The Heartbleed Bug. [Web Log Post]. Retrieved from http://heartbleed.com/