Heartbleed encryption bug, the biggest internet security threat discovered in recent time, but this bug has been around in internet since 2011. It becomes a serious issue in internet today, hackers can still access your data even companies released the patches.
Heartbleed bug actually exploits the encryption system within the web. The encryption and security system within internet known as SSL or security socket layers, new version known as transport layer security. This system diminish chance of accessing of your data by third party.
The open source software used for the implementation of SSL in web known as openSSL. Today 56 percentage of websites runs on this security system, can see HTTPS within urls of such websites.
The heartbleed bug
It is a security vulnerability in OpenSSL software that let attackers to access data from servers of popular internet services. At the same time the services will also loss the security keys that used for encrypting the communication and other valuable files.
More than 5 lacks of websites already affected by this security threat. This security threat was discovered by Google researcher Neel Mehta and an engineer at codenomicon security firm.
Technically this bug known as ‘CVE-2014-0160’ the code contain in the bug, called as heartbleed by system administrator Osi Herrala at Codenomicon service. Unfortunately the bug leaves no traces while spying the data.
How to protect data from heartbleed bug
First of all it is not you the internet services has to be taken the first step to solve this problem. They must reissuing their digital certificate that vulnerable to this bug. LastPass, the password security firm released a heartbleed checker that let you to enter the URLs of the services you used and will tell you whether the service is affected by the bug or not.
The security checker will also tell you about patching statues of the company. If the service patched this flaw then you need to change your password as soon as possible. Keep in mind that changing of password before the service patching the flaw won’t bring any security to your data.
Credit of image : AmongTech