Super Fast Broadband
How to Improve Broadband Speed and Stability
6th May 2016
Microsoft Office 365
Lucid 365 – Always moving forward…
16th May 2016
Show all
Heartbleed bug

You may or may not have heard of something which has been hitting the technology news this month – called the Heartbleed Bug. This is a bug relates to something called OpenSSL, which is used on some secure websites and networking devices (such as routers) which use a secure connection to encrypt the data transmitted between computers and servers. You can normally tell when you’re on a secure website as there is a padlock in the address bar, in the top left of the web browser. Some examples of secure websites are Google Mail and Facebook. The bug which has been found, means that data transmitted, such as usernames, passwords etc. could have been exposed, if someone was monitoring the traffic using the bug.

What to do about the bug relating to secure websites…

The immediate advice was to change your password for any secure websites you use, however if the website in question hasn’t yet implemented a fix for the bug, you could expose both your old password and your new password. Some examples of secure websites from some of the big providers are Google, Facebook, Dropbox, Tumblr and Yahoo. You should change your password for these websites as they have already implemented fixes.

It’s advisable to change your password for any secure websites you use, but only once you know that the website in question has been fixed.

If you want to check if the website you would like to change your password for has been fixed, use this website created by developer Fillippo Valorda where you can enter the website address to see if it has been fixed.

The bug only affects secure websites (the ones with the padlock in the address bar)

Remember this bug affects secure websites (the ones with the padlock in the web browser) – so if you’re a business testing your own ‘brochure’ website using the link above – it will probably tell you something went wrong as your not using a secure website, which is normal for ‘brochure’ style websites.

Routers are also potentially affected by Heartbleed bug…

It has also been found to affect some routers and networking devices, as they might be running OpenSSL and therefore be exposed to the same bug, meaning there is a possibility of data being captured from them.

At the time of writing, from various online sources (including the BBC), it has been highlighted that the affected devices known at this stage are from these manufacturers – Cisco, Linksys, Juniper Networks, Fortinet, Red Hat and Watchguard Technologies.

What to do if you run one of the affected devices…

If you run a device from one of the above listed manufacturers, it is advisable to get in contact with your supplier or directly with the manufacturer to see if they have released a fix which can be applied to your device. Alternatively you could consider switching your device with one from another manufacturer to minimise the potential risk to your business.

Issues relating to Heartbleed in the long term…

The long term issues raised by this bug are still unknown at this stage, and we’ll continue to update this article as we learn more.

UPDATE: First known loss of data reported due to Heartbleed – Hacker hits Mumsnet

If any doubt, please ask us for advice and we’ll be happy to help. The usual contact number is the best way to get hold of us – 01527 908646

Leave a Reply

Your email address will not be published. Required fields are marked *


*