'Heart Bleed' Bug Ravages Web, Users Urged to Change Passwords
Internet security professionals from across the world have been in a panic as the recently discovered "Heart Bleed" bug debuted shortly after being discovered Monday morning. This exploit is perhaps one of the greatest threats to ever surface on the World Wide Web, threatening to reveal sensitive consumer identification information on a massive scale. The exploit, discovered jointly by security engineers working at Google and Codenomicon, is a flaw in popular encryption technology OpenSSL. Much of the angst surrounding the bug is because of how long it has apparently existed, and the very fact that attackers are untraceable.
The bug can be a little tricky to explain, but it revolves around a piece of software called OpenSSL that essentially helps in ensuring user information is encrypted over the internet pipeline; when you're making a purchase online, entering sensitive user details, or sending an email, this technology is at work to safeguard you from prying eyes. However, an exploit in OpenSSL has allowed hackers to gain access to this information for over two years.
Most of the web is believed to be affected by the bug, although no one is certain how widespread attacks might have been over the last two years. At the time of the discovery, Yahoo.com was the only major internet company to be affected by 'Heart Bleed'; companies such as Amazon and Facebook are unaffected, however, they may have run the bugged software at one point in time. According to a Netcraft web survey, over 66% of websites online are believed to be affected by the exploit.
One internet security firm, Fox-IT, simulated an "attack" on Yahoo to conclude how devastating the bug is overall. Ronald Prin, an analyst that led the simulation, tweeted that "We were able to scrape a Yahoo username & password via the Heartbleed bug," eventually adding that "... ran my heartbleed script for 5 minutes, now have a list of 200 usernames and passwords for yahoo mail...TRIVIAL!" Since the time of this simulation, Yahoo has already applied patches preventing further exploit.
Tuesday night, at approximately 9PM, Plymouth servers were taken down to apply security upgrades. According to a post by JoAnn Guilmett, Director of Client Services at Plymouth State, "A critical vulnerability has been identified that impacts a number of PSU's systems including myPlymouth and its related services (such as Moodle, Mahara, Self-service Banner, Banner INB, and PSU blogs)." These services have long since been restored, and downtime is likely related to the exploit's discovery.
It is highly advisable that anyone who is concerned with their internet security to immediately change their passwords for any service they use, and to presume their information has been compromised. It is important that this information is passed on to as many individuals as possible, as remedying the overall solution requires effort from both web administrators, who may not know of the exploit, and users alike.
Get Top Stories Delivered Weekly
More theclockonline News Articles
- The Afrofutures of Feminism: Young, Gifted, and Black
- A Weekend of Darkness
- Elizabeth Warren Visits PSU
- Freedom of Speech at PSU
Recent theclockonline News Articles
Discuss This Article
MOST POPULAR THECLOCKONLINE
Campton Elementary School 8th Grade Silent Auction & Spaghetti Dinner By Rebecca Tgibedes
Will You? By Isabelle Elsasser
Summer in the Sunflowers By Emily Holleran
Student Spotlight: Sabrina Siegel By Justine Walsh
GET TOP STORIES DELIVERED WEEKLY
FOLLOW OUR NEWSPAPER
LATEST THECLOCKONLINE NEWS
RECENT THECLOCKONLINE CLASSIFIEDS
OUTSIDE THE LINES
- A Story To Sing About
- The Gap in Gum Care: Why Caring For Your Teeth’s F...
- Top Tips for Signature Scents and Better-Smelling Laundry
- A Dog Trainer’s Top Tips to Support Pets Through Life S...
- Clear the Air of Indoor Pollutants This Spring
- Stroke & Dementia in Black Men: Tips for Staying Healthy...
- Hispanics and African Americans at Higher Risk for Eye...
- African Americans at Higher Risk for Eye Disease
- Infinity Kings: Final Book In A Favorite Fantasy Series
- What You Need To Know About Keratoconus and the iLink...
FROM AROUND THE WEB
- Don’t Let Diabetes Shortchange Your Golden Years
- No Child is Forgotten By Marine Toys for Tots
- Sweeten Your Springtime Salads With Healthy Chilean Grapes
- Young Author Translates 4,000-Year-Old Text to Reveal...
- Keeping Cool and Energy-efficient Amid America’s “...
- Addressing Sarcopenia with a Healthy Diet
- Subway’s New Wraps Elevate Eating on the Go
- Family Teacher Conference Topics Beyond Academics
- Youth Take Down Tobacco
- BookTrib’s Bites: Four Reads to Kickoff Spring
COLLEGE PRESS RELEASES
- Shoff Promotions Comic Book & Sports Card Show
- Semiconductor Research Corp unveils 2024 Research Call, $13.8M Funding
- Charles River Associates Opens Second Scholarship Cycle, Expands to the UK
- BLUMHOUSE AND AMC THEATRES LAUNCH FIRST-EVER HALFWAY TO HALLOWEEN FILM FESTIVAL
- THE GEN Z IMPERATIVE: LISTEN TO FEELINGS AND GIVE GEN Z A VOICE