Heartbleed Bug is a serious flaw and a major new vulnerability to all website that use Open SSL. In simple words, this bug will gains access to the password of an user, who have been using a particular website to get access to contents, pictures, videos and etc. Heartbleed Bug will fool them by redirecting them to a bogus website and getting access to all the important details.
The problem was disclosed recently by a popular website, which was using the Open source software known as OpenSSL, which is widely used for encrypting Web-Communication.
Heartbleed bug causes extreme vulnerabilities as it significantly changes the functionality of a website. A user unknowingly will be made to change his password, if the website he/she has been using is affected by Heartbleed bug. This could be one of the most serious problems as more and more people move online for their day to, day life. This bug was first reported to the team behind the Open source software OpenSSL. This open source software code known as OpenSSL has been online for about two years now. After investigating the problem faced by many user’s and website owner they confirmed the flaw on Monday 08th of April 2014.
How it works?
In a network of computers, the one affected computer sends some data or in technical language data packets to a computer responding on the other side of its request. The computer sends this request to the other computer to check, whether there is a computer at the the other end. This is done to confirm that it is a secure connection and transaction can be done. Now, the first computer that has sent the request to confirm a secure transaction will send data, what’s known as heartbleed.
How big and bad is that?
A web server as we all know keeps a lot of information in their active memory, for easy access to a user. The information kept includes username, password and all the content that has been uploaded by the user, in order to gain/avail a service. Heartbleed bug, if it has affected a web server or the network used can get access to all those important details. This bug can also get access to credit card details. This bug can allow a hacker to get access to encrypted keys, which are codes that convert junk/meaningless data to readable information.
Is it affecting me?
Heartbleed bug will not create any problem/issue on your stand alone Personal Computer. This bug will never affect your Smartphone or the tablet that you use in your day to day life. This bug will only create problem with the software, app or the website that you use every day to avail those services.
At last the only question that comes to my mind is, with something like this is whether Web companies will reform their security practices or they will still go on with what they were doing earlier. It’s your time to answer, please leave a comment to this topic.