- Sputnik International
World
Get the latest news from around the world, live coverage, off-beat stories, features and analysis.

Experts Uncover Serious Risk to Global Internet Data From ‘Heartbleed' Bug

© Fotolia / jamdesignExperts Uncover Serious Risk to Global Internet Data From ‘Heartbleed' Bug
Experts Uncover Serious Risk to Global Internet Data From ‘Heartbleed' Bug - Sputnik International
Subscribe
A serious problem with an encryption technology used to securely transmit much of the Internet’s traffic has been independently discovered by researchers at Finnish Codenomicon and Google.

MOSCOW, April 9 (RIA Novosti) – A serious problem with an encryption technology used to securely transmit much of the Internet’s traffic has been independently discovered by researchers at Finnish Codenomicon and Google.

The Finnish-American Codenomicon, an expert in robustness testing, published a warning Tuesday about the encryption flaw, creating a separate site on the problem to explain the threats and help guide users to possible fixes.

“The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by vulnerable versions of OpenSSL software. This compromises the secret keys used to identify the service providers,” the Heartbleed.com website says, adding that the vulnerability could allow the interception of private data and encryption keys.

Information security experts stressed the gravity of the threat as the issue remained undiscovered for over two years. Attackers could have taken advantage of the vulnerability without leaving any trace, compromising virtually anything sent during that time.

Although the flaw has been present in encryption systems since December 2011, researchers at Codenomicon stressed there is no proof the possibly intercepted data has been used for wrongdoing.

Security experts recommend upgrading to the fixed OpenSSL version as soon as possible, as well as changing passwords. According to various estimates, up to 66 percent of the entire World Wide Web could have been affected.

OpenSSL is an open-source software platform that is one of the major technologies for online security, used to encrypt web data, protect websites, instant messaging, email servers, virtual private networks and other communications.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала