Technology

Heartbleed | What online services recommend a direct password change

The tech site Mashable tried to reduce the confusion caused by the discovery of the security vacuum Heartbleed, creating a list based on the statements made ​​by now the most popular online services on whether or not prompt users to change their passwords immediately. Having identified the first time as one of the biggest vulnerabilities in the history of the internet, the Heartbleed is a backdoor in OpenSSL, one of the most popular software encryption. Thus, although the OpenSSL normally guarantee that every species sensitive information, such as passwords, handled securely between computers and a server, the existence of Heartbleed means that for at least two years could gain access to these data any hacker.

Mashable

Mashable

The news about the vulnerability in software encryption caused confusion for many users around the world who did not know whether they prefer online services based on OpenSSL to encrypt and therefore whether it is likely to have stolen sensitive data. Even worse, although many analysts initially recommended the immediate change of password for all vulnerable platforms, the path seemed that the solution is effective only for those who have upgraded to a new and secure version of OpenSSL. That’s because, if one changed the code to a service that continues to use the punched version of OpenSSL, it actually endangers both old and new code.

Heartbleed Virus

Heartbleed Virus

Heartbleed Virus

Heartbleed Virus

The list of Mashable comes to put an order in the chaos, clarifying first what companies use OpenSSL and consequently, the discovery of Heartbleed has no effect on their operation. Therefore, based on their statements, as LinkedIn, as Apple, as Amazon, Microsoft, the eBay, PayPal and Evernote based on other encryption software. This means that the users can trust the password you have already chosen. In contrast, the Instagram, the Pinterest, the Yahoo, the Dropbox, Box and the SoundCloud reported that exploit the OpenSSL, having in the meantime however upgrade their systems to the new version of the encryption software.

Heartbleed Virus

Heartbleed Virus

Heartbleed Virus

Heartbleed Virus

Thus, service users will have to change password. More diplomatically, Facebook said that faced the vulnerability even before this public, without even having identified traces interception. However, he adds that the Heartbleed is an excellent opportunity for the members to define a password for the social network, which does not use any other site. Finally, Google said it uses the services of the OpenSSL, which has already upgraded. However, claims that users do not need to change their passwords.

By Nicole P.

Tags: , , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close