In this world of technology very often we hear thread of virus, trojans, vulnerability or bugs in operating systems and applications, and the first action we users are instructed to do first is to update the software with the latest release or also update the antivirus’s database because the thread has already been fixed or blocked.
However, this time it is different, the Google’s engineer along with Codenomicon’s engineer have found a bug called Heartbleed in the OpenSSL protocol, an implementation of the open source SSL and TLS protocols that is widely used by most common browser, eg: Firefox, Internet Explorer and Chrome. This protocol is used when we navigate on websites that requires encryption, generally when evolves sensitive information such passwords, confidential information (banks, credit cards, purchases, etc) and we can notice this because the browser puts a padlock icon in the URL bar and also changes the URL address to use “https” instead of “http” protocol.
At this time, we users cannot do anything to fix or avoid it because those fixes should be updated in the servers of the websites. More than this, the manufactures still have to analyze the impact and how to implement this fix, and now there is no prediction how much time it will take to have this fixed. According to specialists in encryption, on a scale of 1 to 11 (the gravity of the threat) is about 11. Even though we users can’t get fixed it now by ourselves, it’s worth to keep the operating system, antivirus and firewall up to date anyways and always.
No comments:
Post a Comment