All of us use devices connected to the internet every single day, whether it is to browse the web, get our financial information or connect to our children’s schools. So it is essential for us to understand the implications of the HeartBleed Bug for us as an internet user. In this article, we explain the HeartBleed bug in a layman’s language and its impact upon the regular user.
When you submit any information on the internet, whether it is a keyword or phrase that you are searching on Google or a username for logging into a secure website, your query is converted into a coded message or encrypted to insure its security from an ‘eavesdropper’.
The security flaw termed as the HeartBleed Bug, enabled eavesdroppers or hackers to decode the stored encrypted data. This is dangerous since some of the stored data on servers includes passwords and credit card numbers. A security patch to fix this flaw was released by the open source group responsible for OpenSSL.
Web servers are software servers that are built with a number of open source libraries – it is a tapestry of open source frameworks and modules that are woven together. Every single request each of us submits on the internet is processed by a web server. OpenSSL is part of any web server software that is encrypting the request and response via the web server. Now, there are many different versions of the OpenSSL Libraries – think of it as different fixes to the software bugs and optimizations performed on the code. So every server could potentially have a different version of the OpenSSL library. Luckily, not all versions of the OpenSSL library are affected by the HeartBleed Bug.
Companies of all sizes, anyone who maintain a server are busy patching their servers and software. MobileArq Servers are not affected by the flaw as we do not use the version of OpenSSL that is affected. It is always a good practice to keep your software and servers updated as well as change passwords on a regular basis.
Thus, what can an Internet user do about this Heartbleed bug? The user needs to be aware of the websites that visit/use and make sure that these destinations and have updated their servers to fix the Heartbleed bug security flaw. In general, every consumer should change passwords to their email accounts, internet banking accounts and any other web applications or apps that they use over the internet.