'Heart Bleed' Bug Ravages Web, Users Urged to Change Passwords
Internet security professionals from across the world have been in a panic as the recently discovered "Heart Bleed" bug debuted shortly after being discovered Monday morning. This exploit is perhaps one of the greatest threats to ever surface on the World Wide Web, threatening to reveal sensitive consumer identification information on a massive scale. The exploit, discovered jointly by security engineers working at Google and Codenomicon, is a flaw in popular encryption technology OpenSSL. Much of the angst surrounding the bug is because of how long it has apparently existed, and the very fact that attackers are untraceable.
The bug can be a little tricky to explain, but it revolves around a piece of software called OpenSSL that essentially helps in ensuring user information is encrypted over the internet pipeline; when you're making a purchase online, entering sensitive user details, or sending an email, this technology is at work to safeguard you from prying eyes. However, an exploit in OpenSSL has allowed hackers to gain access to this information for over two years.
Most of the web is believed to be affected by the bug, although no one is certain how widespread attacks might have been over the last two years. At the time of the discovery, Yahoo.com was the only major internet company to be affected by 'Heart Bleed'; companies such as Amazon and Facebook are unaffected, however, they may have run the bugged software at one point in time. According to a Netcraft web survey, over 66% of websites online are believed to be affected by the exploit.
One internet security firm, Fox-IT, simulated an "attack" on Yahoo to conclude how devastating the bug is overall. Ronald Prin, an analyst that led the simulation, tweeted that "We were able to scrape a Yahoo username & password via the Heartbleed bug," eventually adding that "... ran my heartbleed script for 5 minutes, now have a list of 200 usernames and passwords for yahoo mail...TRIVIAL!" Since the time of this simulation, Yahoo has already applied patches preventing further exploit.
Tuesday night, at approximately 9PM, Plymouth servers were taken down to apply security upgrades. According to a post by JoAnn Guilmett, Director of Client Services at Plymouth State, "A critical vulnerability has been identified that impacts a number of PSU's systems including myPlymouth and its related services (such as Moodle, Mahara, Self-service Banner, Banner INB, and PSU blogs)." These services have long since been restored, and downtime is likely related to the exploit's discovery.
It is highly advisable that anyone who is concerned with their internet security to immediately change their passwords for any service they use, and to presume their information has been compromised. It is important that this information is passed on to as many individuals as possible, as remedying the overall solution requires effort from both web administrators, who may not know of the exploit, and users alike.
Get Top Stories Delivered Weekly
More theclockonline News Articles
- The Afrofutures of Feminism: Young, Gifted, and Black
- A Weekend of Darkness
- Elizabeth Warren Visits PSU
- Freedom of Speech at PSU
Recent theclockonline News Articles
Discuss This Article
MOST POPULAR THECLOCKONLINE
Campton Elementary School 8th Grade Silent Auction & Spaghetti Dinner By Rebecca Tgibedes
Will You? By Isabelle Elsasser
Summer in the Sunflowers By Emily Holleran
Student Spotlight: Sabrina Siegel By Justine Walsh
GET TOP STORIES DELIVERED WEEKLY
FOLLOW OUR NEWSPAPER
LATEST THECLOCKONLINE NEWS
RECENT THECLOCKONLINE CLASSIFIEDS
OUTSIDE THE LINES
- Helping Alleviate Children’s Anxiety
- Vitamins and Minerals: Fortifying Against Poor Oral Health
- Do you PHIT? Why A Career in Public Health Informatics...
- Do you PHIT? Why A Career in Public Health Informatics...
- Shining a Spotlight on Kidney Health: Get to Know Your...
- Phony Investment “Opportunities” Can Cost You Big, Say...
- Do you PHIT? Why A Career in Public Health Informatics...
- Do you PHIT? Why A Career in Public Health Informatics...
- Do you PHIT? Why A Career in Public Health Informatics...
- Do you PHIT? Why A Career in Public Health Informatics...
FROM AROUND THE WEB
- Wow Your Easter Guests With Easy Spring Surprise Cake
- Help Toys for Tots Turn the Page on Poverty for Children...
- How High-Speed, Low-Latency Satellite Connectivity Can...
- ONCE UPON TOMORROW: Harnessing the New Opportunities the...
- Coverage for Obesity Care is Only Fair
- BookTrib’s Bites: From Science Fiction to Murder Mysteries
- Local Artists Collaborate for a Unique Fusion of Groove...
- Celebrate St. Patrick's Day with No Booze, Just Pure...
- Explore Downtown San Pedro with Flair: Ride the Iconic...
- ProExpo Hosts Free Event to Promote Health and Wellness...
COLLEGE PRESS RELEASES
- THE GEN Z IMPERATIVE: LISTEN TO FEELINGS AND GIVE GEN Z A VOICE
- Shoff Promotions Comic Book & Sports Card Show
- State Department Announces 2023-2024 Fulbright Top Producing Institutions
- Shoff Promotions Comic Book & Sports Card Show
- JAMES BEARD FOUNDATION NOW ACCEPTING APPLICATIONS FOR ITS 2024 SCHOLARSHIP PROGRAM