Email
Password
Remember meForgot password?
    Log in with Twitter

Heartbleed virus poses risks to all data, sent and received

By Simon Crompton     Apr 9, 2014 in Technology
When security researchers noticed issues with encryptions used to securely transmit emails, e-commerce transactions, social network posts, and other Web traffic, they dug deeper to discover the cause was something lurking for over two years.
The Heartbleed virus has gone undetected for that long and has compromised passwords, credit cards, as well as other sensitive data.
Indeed, the credit card vulnerability could lead to scammers destroying your credit rating leading you to seek out the services of creditrepairaid.org.
Its potential for damage is serious because it has gone undetected for so long, so there is no way to tell how far reaching its effects are. Viruses attack vulnerabilities without leaving a trace, so any data sent during the past two years is essentially subject to this compromise.
Experts advise users of online applications to change all passwords.
Heartbleed is basically a breach involving SSL/TLS, which is an encryption technology. This protection is denoted by the small padlock icon you see when you view https sites. Both indicate that traffic coming into and leaving your computer is secure.
The flaw in the technology was discovered separately by researchers at Google Inc. and by Codenomicon, a Finnish security firm.
It seems to only affect one variant of the SSL/TLS technology known as OpenSSL, however, this variant is the most commonly used form of securing traffic on the Internet today.
According to researchers at Codenomicon, Open SSL is used by Apache and nginx, two of the most widely used Web server platforms, which means several websites are vulnerable to this potential breach in security.
Yahoo’s blogging service, Tumblr, also uses OpenSSL, but reported on Tuesday that there was no evidence of breach and had immediately implemented the fix that was released on Monday.
"But this still means that the little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit," Tumblr's blog post read.
"This might be a good day to call in sick and take some time to change your passwords everywhere — especially your high-security services like email, file storage, and banking, which may have been compromised by this bug."
More about heartbleed, Virus, Data, Credit cards