The recently identified internet security bug Heartbleed has left a large chunk of user data exposed to hackers, per Washington Post’s Lindsey Bever. This has led to a threatening effect among the internet community.
Tumblr has requested users to change their passwords for all their online accounts. A notice has been issued on its blog warning users about the possible devastation this could lead to.
Heartbleed is a bug which affects all systems linked to the OpenSSL cryptographic software library. OpenSSL is a technology which is used to protect the user IDs and passwords and other web information like credit card details on website that use HTTPS encryption.
It allows anyone on the Internet to read the memory of the systems protected by the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. Thereby allowing attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.
The bug was identified by Neel Mehta at Google’s security team and the team of security website Codenomicon. As reported by Los Angeles Times, it has been two years since OpenSSL got affected with it. However, there is a sign of relief, as only one version has been affected till date and a fix for it has already been issued.
To contact the author, email at email@example.com