Major Security Flaw 'Heartbleed' Puts Critical Services at Risk
Over half the internet could have been compromised by a two-year-old security flaw that also could affect a number of online bitcoin services, it was revealed today. The vulnerability, named 'Heartbleed', affects versions of OpenSSL, an open-source implementation of the SSL and TLS internet security protocols that encrypt and secure internet traffic, including: passwords, messages, e-commerce and banking, and other sensitive data including Virtual Private Networks (VPNs). OpenSSL is the most popular software library used for this purpose. Two years old. The Heartbleed flaw has reportedly....
Related News
Computer users operating on the Mac OS X platform are safer from harm compared to their Windows-using counterparts. With a much smaller market share, hackers are not targeting OS X users as often as they could, although that doesn’t mean the platform is completely secure. Security tool Gatekeeper is still vulnerable, despite a recent patch released by Apple. Bitcoin users are advised to remain careful when installing new applications until this security flaw has been patched properly. Apple Fails To Make Gatekeeper Secure Again. It is not the first time OS X’s Gatekeeper is coming under....
Yesterday, Google published the details of an SSL 3.0 design vulnerability that renders SSL 3.0 completely insecure and useless. SSL 3.0 is over fifteen years old and up until today, was still supported by most browsers. When attempting to communicate with a website, usually a browser will use the latest technology and connect to the HTTPS servers; however, failed connections are tried on older, clearly deprecated, protocols such as SSL 3.0. As such, attackers can force targets to disconnect and then reconnect using SSL 3.0, thus exposing their current session to take-over. Also read:....
Here is a reality check for all the Bitcoin naysayers, the most widely used conventional electronic payment system – credit/debit cards are not really as secure as we had earlier thought. A serious protocol level flaw exposed by a couple of German security experts bares it all. It is not just the security flaw one has to be concerned about, but also the banks’ apathy towards fixing it! A recent report carried by well-known Russian media channel, Russia Today describes the serious security flaw in POS terminals. According to Karsten Nohl, one of the security experts from the Berlin based....
The open-source software package known as OpenSSL that is widely used to secure Web communications through SSL/TLS encryption is reported to have a significant weak spot. This vulnerability could allow hackers to steal valuable information such as emails, instant messages, banking and e-commerce data as well as virtual private networks (VPNs). In turn, this could have a negative impact on the Bitcoin economy and cryptocurrencies as a whole. While the potential impact of the remains to be seen, security experts suggest that most Internet users are affected, either directly or indirectly.....
There were widespread security concerns yesterday after the discovery of an old flaw that could affect web servers and Internet-connected devices - but many in the industry are claiming it presents no immediate threat to bitcoin services. The vulnerability, dubbed either the 'Bash Bug' or the 'Shellshock Bug', would allow a malicious access to a UNIX-based device's operating system via the command line shell - the most widely used of which is bash. UNIX-based systems include MacOS, Linux versions (desktop and server), popular mobile platforms and embedded systems on other devices that....