One would think the NSA was doing a fine job decrypting petabytes of data, but a recently discovered flaw in the SSL certificate managing secure transactions apparently outdid them.
Named, the “Heartbleed bug”, this software glitch in the core of the secure certificate layer is now affecting approximately two thirds of the Internet that uses server software.
Why it is called the Heartbleed Bug?
“Because the bug exists in the OpenSSL’s implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server.”
The bug affects websites running Apache and Nginx server software and it can potentially expose private information entered into website forms, email and other private messages encrypted via SSL.
The Finnish security firm, Codenomicon Defensics seized the opportunity and registered the domain name, Heartbleed.com, where it provides plenty of background information on the security bug, and methods of patching it on your server.
For more information, visit Heartbleed.com.
Copyright © 2024 DomainGang.com · All Rights Reserved.