Heartbleed bug

Heartbleed was the popular word of the internet last week, and it still is. What exactly is heartbleed though?

Heartbleed is a major bug within the authentication system for website which use OpenSSL to authenticate website logins. The problem is, a great majority of the internet uses OpenSSL as their authentication system.

The fix against this bug is to update the OpenSSL software on webservers. Major websites like Yahoo, Facebook, Google and plenty of others were affected, however they quickly patched the bug. After the fix is applied, users should change their passwords and make it complex.

Upon the discovery of this bug, the Canada Revenue Agency (CRA) temporarily suspended their online portion of the website. However, today it is reported that on average 900 Canadian social insurance numbers were stolen using the heartbleed bug.

How does heartbleed work though? Take a look at the image below. heartbleedexplained

 

 

 

 

To get more information on the heartbleed bug, visit http://heartbleed.com/

To test some websites, to see if they are currently affected with the heartbleed bug, visit https://filippo.io and enter the website address you wish to test.

In an upcoming article we will talk about password managers and how to choose a strong password and why you should do so.

If you would like more info on passwords, heartbleed, or internet security in general, feel free to contact Group 4 Networks.