Heartbleed OpenSSL Security Flaw – What Is It?

By the Editor In Thought 2 Comments

Last week news broke of one of the most devistating security flaws in the history of the internet – the Heartbleed Bug. Computer-security expert Bruce Schneier rated the level of the threat an 11 out of 10 which showcases how serious the threat it. However, so few people don’t actually understand what the issue is, and how it affects them.

Allow us to explain:

The Heartbleed bug is a security flaw which allows communcications to be intercepted between secure connections using the OpenSSL protocol. SSL stands for Secure Socket Layer and any website which has a little padlock within the address bar will more than likely use this technology as it is one of the most widely used security protocols today. How does this affect you? Well, it means that essentially hackers can gain access to any communication from a website that is using this protocol such as usernames, passwords, banking details, credit card numbers, personal information etc. This one is serious folks. Below is an image that explains which services are affected and what data might be at risk. We don’t have any word yet on any South African banks, but we will update this post if we hear anything further.

heartbleed-services-affected

Hat tip to LWG for the graphic.

LastPass has created a tool that allows you to check if a website has been affected by the Heartbleed bug – test out any website you use regularly and make sure that you are safe! I have tested the majority of South African banks and to be honest, the only site that came back saying that it was definitely safe was FNB.

If you want to read a more technical analysis on how the bug was discovered you can head on over to Business Insider.