Search My Network

Saturday, April 12, 2014

The Internet's Heart is Broken...

By now, you have heard of the bug, "Heartbleed" that has nearly all manner of websites updating their system servers.  Heartbleed is a radical security hole that was identified on April 7th, 2014, which allows malicious hackers to bypass the encryption of OpenSSL software which secures a majority of servers on the internet.

Only OpenSSL versions 1.0.1 through 1.0.1f which utilize the Heartbeat extension are at risk.  You will have to contact your host in order to see what if you use the OpenSSL system and whether or not your server uses a version that is affected with the heartbeat extension compiled in.

SSL Security Certificates themselves are not broken, though if you are using OpenSSL on your server, you should have your administrator upgrade to version 1.0.1g immediately, wipe the server cache, and then reboot.

You should also advise your users that they should secure their account with a new password because of the threat this security vulnerability.

Users who participate in any membership on any website should also make the rounds, find if your service has addressed the issue, make sure that they have or will, and once they have, change your password.

This is a huge frick'n deal.  It will inconvenience all of us (at the least) for a very long time.  The worse case scenario is that you might have your personal information that is stored on any server, stolen.  So the whole of the internet, administrators and users, have to address this issue immediately.

No comments:

Post a Comment