​What is Heartbleed, anyway?

If you're an IT professional, gadget blogger or token geek in your circle of friends, chances are, you've been hounded relentlessly over the past couple of days about "this Heartbleed thing."

"Do I need to update my antivirus?"

"Can I login to my bank account now?"

"Google already fixed it, right?"

We've heard them all, but the answers aren't all that clear or simple. In an attempt to take the pressure off -- it is the weekend after all -- we've put together a primer that should answer all of those questions and a few more. Next time someone asks you about that "Heartbleed thing," just shoot them in our direction.

HOW IT WORKS

The problem affects a piece of software called OpenSSL, used for security on popular web servers. With OpenSSL, websites can provide encrypted information to visitors, so the data transferred (including usernames, passwords and cookies) cannot be seen by others while it goes from your computer to the website.

OpenSSL is an open-source project, meaning it was developed by really talented volunteers, free of charge, to help the internet community. It happens that version 1.0.1 of OpenSSL, released on April 19th, 2012, has a little bug (a mistake introduced by a programmer) that allows for a person (including a malicious hacker) to retrieve information on the memory of the web server without leaving a trace. This honest mistake was introduced with a new feature implemented by Dr. Robin Seggelmann, a German programmer who often contributes security code.

Heartbleed exploits a built-in feature of OpenSSL called heartbeat.

Heartbleed exploits a built-in feature of OpenSSL called heartbeat. When your computer accesses a website, the website will respond back to let your computer know that it is active and listening for your requests: This is the heartbeat. This call and response is done by exchanging data. Normally when your computer makes a request, the heartbeat will only send back the amount of data your computer sent. However, this is not the case for servers currently affected by the bug. The hacker is able to make a request to the server and request data from the server's memory beyond the total data of the initial request, up to 65,536 bytes.

Much more here

Views: 115

Reply to This

Replies to This Discussion

Permalink Reply by truth on April 16, 2014 at 2:20pm

Heartbleed is about to get worse, and it will slow the Internet to ...

Efforts to fix the notorious Heartbleed bug threaten to cause major disruptions to the Internet over the next several weeks as companies scramble to repair encryption systems on hundreds of thousands of Web sites at the same time, security experts say.

Estimates of the severity of the bug’s damage have mounted almost daily since researchers announced the discovery of Heartbleed last week. What initially seemed like an inconvenient matter of changing passwords for protection now appears much more serious. New revelations suggest that skilled hackers can use the bug to create fake Web sites that mimic legitimate ones to trick consumers into handing over valuable personal information.

Permalink Reply by Tara on April 16, 2014 at 8:22pm

I know at work, our registers and computers have been bogged down more than normal. I wonder if 'Heartbleed' is the culprit?

Permalink Reply by Central Scrutinizer on April 20, 2014 at 2:22am
Permalink Reply by Christopher on April 26, 2014 at 1:10pm

"Canadians filing taxes late due to 'Heartbleed' bug won't face penalties: CRA"

Canada Revenue Agency says Canadians will not face penalties if they’re late in filing their 2013 tax returns as a result of the 'Heartbleed' bug that forced the shutdown of the agency's website.

Link to original story: http://www.ctvnews.ca/canada/canadians-filing-taxes-late-due-to-hea...

The Android 4.1.1 system is susceptible to the "Reverse Heartbleed" virus - a variation of the bug that has alarmed authorities worldwide and last week helped hackers to steal social insurance numbers from the Canada Revenue Agency.

Link to original story: http://www.scmp.com/news/hong-kong/article/1492049/warning-heartble...

"Canadian arrested for hacking revenue agency using Heartbleed security bug"

Solis-Reyes, of London, Ontario, is suspected of stealing around 900 Social Insurance Numbers (SIN)

Link to original story: http://rt.com/news/heartbleed-arrest-canada-security-016/

"Did consumers know that websites for Netflix, Four Seasons Hotels, Turbo Tax, Amazon Web Services and Yahoo were all affected by Heartbleed, too? Probably not."

Link to original story: http://www.ottawacitizen.com/business/Heartbleed+wake+call+increasi...

Permalink Reply by truth on April 26, 2014 at 1:28pm

Interesting, dont think US will be as generous.

RSS

"Destroying the New World Order"

TOP CONTENT THIS WEEK

THANK YOU FOR SUPPORTING THE SITE!

mobile page

12160.info/m

12160 Administrators

 

Latest Activity

tjdavis posted a video

Berlin 1945: Waiting for the End | Diary of a Metropolis UNCENSORED FOOTAGE

At the beginning of 1945, Berlin is under the illusion that they will survive the war. Every day there are bombing attacks, fires to be extinguished, and cor...
6 hours ago
0 Comments
Burbia posted a blog post

The Illusion of Fuck You Money

The United States use to have this idea that once you make enough money, you.can do as you want.…See More
21 hours ago
0 Comments
tjdavis posted videos
Thumbnail
Thumbnail
yesterday
tjdavis posted a blog post

The 9th Circle Ritual

yesterday
0 Comments
Less Prone favorited cheeki kea's photo
Thumbnail

Meanwhile in California...

yesterday
cheeki kea posted a photo
Thumbnail

Meanwhile in California...

Tuesday
0 Comments
Less Prone favorited tjdavis's video
Thumbnail

They Destroyed Our Country and Nobody Stopped Them | No Commentary

Monday
Less Prone posted a video

“I Helped Build It!” A WEF-Davos Insider EXPOSES The Great Reset

Former investment banker and ESG “whistleblower” Desiree Fixler joins The Winston Marshall Show to expose what she says is one of the biggest financial scams...
Monday
0 Comments
Doc Vega posted a blog post

One Step Too Far Weighs in on Current Events

We now bring you this week's program on One Step Too Far. Bear with us as more BS floats to the…See More
Sunday
0 Comments
Burbia's blog post was featured

A Masterclass Is Being Played Out For Those Who Have The Eyes To See

A question can be asked, why do Jews want a multicultural community in a host society? It is to…See More
Sunday
1 Comment
Doc Vega's 4 blog posts were featured
1 more…
Sunday
tjdavis's blog post was featured

Epstein File Browser

Sunday
0 Comments
cheeki kea commented on Burbia's video
Thumbnail

the WITCH language of MYSTERY BABYLON (DOCUMENTARY)

"Great video to watch, and it turns out english is a bizarre and formidable language in its…"
Sunday
cheeki kea favorited Burbia's video
Thumbnail

the WITCH language of MYSTERY BABYLON (DOCUMENTARY)

Sunday
Less Prone left a comment for Roberto Castorena
"Welcome to a revolutionary concept in public communication, the truth."
Jan 15
Less Prone posted a blog post

Reiner Füllmich imprisoned for investigating the Covid scandal

Rainer Füllmich, a lawyer investigating the Covid scandal was illegally captured in Mexico in…See More
Jan 15
0 Comments
Burbia posted a video

the WITCH language of MYSTERY BABYLON (DOCUMENTARY)

REVELATIONSOFJESUSCHRIST.COM
Jan 15
1 Comment
Doc Vega posted blog posts
Jan 14
Less Prone favorited Doc Vega's photo
Thumbnail

G99Gt39XEAAyu6Y

Jan 13
tjdavis posted a video

They Destroyed Our Country and Nobody Stopped Them | No Commentary

Music Used in this Video:Song/Music - TimeArtist - Hans ZimmerLicense Type: Creative CommonSong/Music - Evidently ChickentownArtist - John Cooper ClarkeLicen...
Jan 13
0 Comments

© 2026   Created by truth.   Powered by

Badges  |  Report an Issue  |  Terms of Service

content and site copyright 12160.info 2007-2019 - all rights reserved. unless otherwise noted