Heartbleed bug creates confusion on internet
The Heartbleed bug exploits a vulnerability in a version of the OpenSSL security software code that is installed on two-thirds of the active servers connected to the internet
This week it has emerged that a major security flaw at the heart of the internet may have been exposing users’ personal information and passwords to hackers for the past two years.
It is not known how widely the bug has been exploited, if at all, but what is clear is that it is one of the biggest security issues to have faced the internet to date.
Security experts warn there is little Internet users can do to protect themselves from the recently uncovered “Heartbleed” bug that exposes data to hackers, at least not until exploitable websites upgrade their software.
Researchers have observed sophisticated hacking groups conducting automated scans of the Internet in search of Web servers running a widely used web encryption program known as OpenSSL that makes them vulnerable to the theft of data, including passwords, confidential communications and credit card numbers.
OpenSSL is used on about two-thirds of all web servers, but the issue has gone undetected for about two years.