NORTH TEXAS (CBSDFW.COM) – We’ve all seen the icon of a padlock preceding an “https:” internet URL. The “lock” was meant to reassure you the internet page you were going to was secure. A major security bug officially called CVE-2014-0160, but given the name Heartbleed because it can bleed information from websites, has compromised that security.
A SSL/TLS problem with an open-source software called OpenSSL, a cryptographic library used to secure internet traffic, now has internet security departments around the world working overtime.
Researchers say one of the reasons Heartbleed has turned into such a huge vulnerability is because the threat has been active for more than two years. The encryption technology also allows attackers to gather sensitive data without leaving a trace.
The result has researchers recommending that everyone, all users of the internet, change all of their passwords.
A fix to the encryption problem came out April 8, but if the service or website has not installed the fix changing all your passwords won’t do any good.
The security firm Codenomicon, along with a Google Inc. researcher, discovered the problem. A statement on their findings read, in part -
“We have tested some of our own services from attacker’s perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.”
The Heartbleed bug leaves email, banks, e-commerce sites, social networking posts and other internet traffic vulnerable.
Officials with Yahoo Inc. said most of its most popular services had been fixed, but work was still being done. Their statement read -
“As soon as we became aware of the issue, we began working to fix it. Our team has successfully made the appropriate corrections across the main Yahoo properties (Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr, and Tumblr) and we are working to implement the fix across the rest of our sites right now. We’re focused on providing the most secure experience possible for our users worldwide and are continuously working to protect our users’ data.”
Click here to find out more about the Heartbleed bug on CNET.com.
(©2014 CBS Local Media, a division of CBS Radio Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.)
Latest News:
Colleyville Shedding Some Of Its Small Town Image
Abortion Protestors Target High School Students With Graphic Images
Internet “Heartbleed” Bug Exposing Passwords To Hackers
Father In Mourning Warns Of Dangers of Synthetic Drugs
Public Transit A Problem For Future Events In Arlington
Top Trending:
Texas City Working To Turn Sewer Water Into Tap Water
Plano Man Killed After Reentering Burning Home To Retrieve Phone
Allen ISD’s $60 Million Football Stadium Closed For Months
Spring One Day, Thundersleet The Next
North Texas Man “Crowdfunds” $90,000 Birthday Party
PHOTOS: Your Pet Pictures
