Protect your identity from the Heartbleed bug

Let’s discuss the key details of Heartbleed, internet security error which was detected last week through this post.

What isHeartbleed bug?

Heartbleed, an internet security flaw has been featured in the news recently and it may put many websites at risk. It is not a virus; it’s just a security error! Not only the websites, it has ability to affect networking equipment, switches and Firewalls. With this vulnerability, a remote attacker could extract information from any remote server running OpenSSL software. OpenSSL is the widely used protocol which is adopted by 66% of web. Heartbleed was discovered by a security company called Codenomicon and Neil Metha, a Google researcher. This bug has been present in the web since 2011 and now it is widely available which would make the websites running the non-patched OpenSSL more vulnerable for phishing operations.

Why does it matter?

About two-thirds of the servers currently on the internet use OpenSSL and these could be affected with Heartbleed bug. Hackers could potentially use this bug to breach a system and steal passwords & security information. Also, it would let the attackers to obtain the secret keys of the server and they could leave without any evidence. Thus you may never know that you’ve been hacked or not.

Which sites were affected by Heartbleed?

As Heartbleed allows potential hackers to steal passwords, credit card information and other encrypted data, the internet users are scaring a lot with its massive security threat. It has skill to break the SSL encryption of some giant internet companies like Google, Yahoo, Tumblr, Instagram, Amazon, Dropbox and some dating websites. Some of the web firms have claimed that they have fixed this issue with a security patch by updating their servers.

Heartbleed

Heartbleed bug has to be seriously handled and it nudged some services & websites to enter their patch mode. Here you could check some of the websites that had reacted to the Heartbleed bug. Moreover, Google announced that smartphones and Tablets that runs on a specific version of Android were affected by this web security bug which could leak the login credentials to the hackers.Apple says that the IOS devices are unaffected.

What you need to do to stay safe from Heartbleed?

Here are some preventive measures to stay safe from Heartbleed

  1. Millions of internet users are asking “which websites are affected by Heartbleed bug?” Make use of the tools like Filippo.io or Lastpass to check whether the affected sites have been patched or not.
  2. Change your password on every site that is affected and has been patched.
  3. It would be better using a password manager to create secure passwords for your various online accounts.
  4. Don’t use the same password for two websites and have it in mind that thousands of Yahoo passwords have been stolen.
  5. Since the attackers could steal your data and leave without evidence through the Heartbleed bug, it would be upright to delete all your important documents from your email account and store them in to your PC.
  6. Even though the bank accounts are not affected much with this security issue, avoiding online banking for a while could be a safe option to protect your bank accounts. Also be sure to remove your credit card and bank details from the ecommerce websites and other internet pages.
  7. It would be virtuous to visit Heartbleed to get detailed information about this bug.

Heartbleed

If you have Android device, do check the useful app, Heartbleed security scanner  to handle it.

Conclusion

Study says that nearly 2/3rd of the internet is affected by Heartbleed bug that could have skill to disrupt all the internet activities, if used by the hackers. We should thank the great achievers who revealed this security flaw and thus many websites have rolled out a fix to this issue. The affected web pages need to update new encryption software to fix this bug. Changing your password on the not-yet fixed site makes no sense as it would even create new vulnerability. So, don’t act too quickly to change your password. Instead, be sure to confirm the pretentious websites are patched to beat the Heartbleed bug and then reset your passwords on them.

If you’re a website owner/network manager, you should apply the patch and reissuing the SSL security certificates to create new passwords for your users. I hope that you’ve expanded your knowledge about Heartbleed bug through this post and do share your views through comment.


Shortlink: http://bit.ly/2bukCOS

About the author

Avatar

Zainil Dedhia

Zainil is commerce graduate & is pursuing his further studies in commerce. He loves to write about software's & social media.

Connect with Zainil: Facebook and Twitter.

8 Comments

Click here to post a comment

All the data shown above will be stored by Techtricksworld.com on https://www.techtricksworld.com. At any point of time, you can contact us and select the data you wish to anonymise or delete so it cannot be linked to your email address any longer. When your data is anonymised or deleted, you will receive an email confirmation. We also use cookies and/or similar technologies to analyse customer behaviour, administer the website, track users' movements, and to collect information about users. This is done in order to personalise and enhance your experience with us.

  • Thanks Zainil and Atish for this awareness on HeartBleed bug. As you have mentioned We need to ensure that the patch has been applied before we change the password in the affected sites else it does not make sense. Thanks for sharing this in depth article on HeartBleed

  • Thanks for writing the detailed post about Heartbleed bug Zainil.

    I read few details about this security issue in some blogs but I got its significant information here.

    I’ve visited the links which you’ve given and came to know the affected websites by Heartbleed bug. Also thanks for displaying the tools to check whether the affected websites are patched or not, it would help your readers to change their passwords over there.

    Keep sharing the tech updates, I would like to read them.

  • I am happy as my website is safe from this heartbleed bug, thanks for the tool !
    “Don’t use openSSL” i don’t have to change my password and other information!

  • I would like to say thank you for suggesting me two free tools to check any website whether it is safe or not . And You have written a very detailed article about this security headache . Great informative article .

  • Nice and very informative post

    Great work on updating and creating awareness about the heartbleed bug. Though it was not a virus but was security error it really had created a buzz online. It was very dangerous as hackers used this for tracking and finding passwords and other security information.

    We should first of all thank Codenomicon and Neil Metha who tracked it down. It was affected by many top websites like Google, yahoo. tumblr etc. It is said that many of the websites have cleared this issue . Tablets and smartphones were much affected by this. This article was of great help as it discloses some important information on this bug and also the ways to stay safe from heartbleed

    Thank you for sharing.

  • Thanks for sharing this very important post. It has been rumoured that more than 500 million websites feared to be vulnerable to this new bug.