• Monday, December 22, 2014

Freedom in the air

New threat to internet security

Users advised to reset passwords

Mail Online

Internet users have been warned to change all their computer and phone passwords following what could be a 'catastrophic' security breach.
Major technology firms have urged the public to immediately update their online security.

The alert is the result of the discovery of an internet bug called 'Heartbleed', which is able to bypass computer security settings.
As a result, personal information such as passwords and credit card details has been accessible.
Heartbleed, so called because it creates a 'bleeding' leak of security, is a flaw in OpenSSL, the software used by the majority of websites to keep data secure.
The programme works by encrypting data – such as emails, instant messages, bank details or passwords – making it look like nonsense to hackers.
When a line of communication is secure and information encrypted, the user sees a padlock on the page.
When software is active, one computer may send a 'heartbeat' – a small packet of data – to check there is still another computer at the other end.
However, a flaw in the programming meant it was possible to trick the computer at the other end by sending it a packet of data that looked like one of these heartbeats.
This made it possible for hackers to impersonate the website and steal the encryption keys, revealing the data being sent.
The bug was found simultaneously by a Google security researcher and a small Finnish security firm named Codenomicon and disclosed on Monday night.
Many companies have installed a 'patch' to fix the flaw, but there are still many that are vulnerable as service providers must install the update.

Published: 12:01 am Friday, April 11, 2014

Last modified: 10:07 pm Friday, April 11, 2014

TAGS: Internet security reset passwords catastrophic security breach internet bug Heartbleed

Leave your comments | Comment Policy
eDaily Star
BIT DEFENDER