Skip to main content

New hacking challenge shows Heartbleed is as bad as we thought

blackberry roll heartbleed patches android ios week
Image used with permission by copyright holder

You’ll have been hearing a lot about the Heartbleed bug this week, and it’s now been confirmed that the vulnerability can be used to nab private security keys from a server. That means a rogue site could pose as a genuine one, and neither you nor your browser would be any the wiser.

A quick recap: Heartbleed allows hackers to ping vulnerable servers for all kinds of sensitive information, including email addresses, passwords and credit card numbers. At first, there was some debate about whether this information could include private SSL keys, in many ways the most valuable data for a hacker; now we have confirmation that it can.

Recommended Videos

White-hat hackers Fedor Indutny and Ilkka Mattila successfully took on the Heartbleed hacking challenge laid down by Web performance and security company CloudFlare. “We confirmed that both of these individuals have the private key and that it was obtained through Heartbleed exploits,” said CloudFlare.

Having access to these private keys means hackers can return even after the Heartbleed exploit has been closed to steal more information — it’s akin to having the keys to a car rather than having to smash through the window. Only when server security certificates are updated (i.e. the locks are changed) will the bad guys be foiled, and that’s going to take some time.

Big-name companies including Google, Yahoo and Dropbox are scrambling to update their systems to close the Heartbleed loophole, but the danger is far from over. Stay tuned to our lists of apps and websites that are affected for details of how to protect yourself, and follow any prompts you receive to reset your passwords from the online services you use.

[Image courtesy of Heartbleed.com / Karen Blaha]

David Nield
Former Digital Trends Contributor
Dave is a freelance journalist from Manchester in the north-west of England. He's been writing about technology since the…
AMD says that FSR 4 might not be an RDNA 4 exclusive after all
AMD announcing FSR 4 during CES 2025.

AMD will soon launch new graphics cards, although they were pretty much absent from its CES 2025 keynote. Fortunately, a new interview with Frank Azor, AMD's chief architect of gaming solutions and gaming marketing, gives us a little bit more information. One interesting tidbit from the interview is that FSR 4, currently an RDNA 4 exclusive, might still one day make it to older AMD GPUs.

Azor spoke to Michael Quesada in an interview that was later shared by El Chapuzas Informatico and VideoCardz. They spoke about FSR 4, but also the general price point and the predicted performance of the RX 9070 XT. Throughout the interview, it's made clear that AMD is angling for a value-oriented product this time around.

Read more
20 years on, the Mac mini is in the best shape of its life
The Mac mini up on its side on a desk.

The original Mac mini was released 20 years ago today. And while it was a miniature marvel when it debuted, it’s gone from strength to strength in the years since. Today, it’s one of the best desktop computers you can buy.

When Steve Jobs pulled out the first Mac mini on stage in 2005, it was met with gasps and cheers from the audience, such was its unbelievably compact form factor. Yet when it was introduced, Jobs’ description of it was somewhat underwhelming: “This is a very robust computer, but it’s very, very tiny.” You got the feeling that even Apple wasn’t taking it particularly seriously.

Read more
AMD calls Intel’s Arrow Lake ‘horrible’
Fingers holding an Intel 285K.

Shots fired. Frank Azor, an AMD executive, just straight-up called Intel's Arrow Lake line of CPUs "horrible." Where did it all start? Why, with the ongoing shortage of AMD’s best gaming processors, of course. And surprisingly, AMD blames Intel for the fact that its X3D processors are hard to come by right now.

In a recent media roundtable reported by Tom's Hardware, AMD admitted that it never expected the demand for its CPUs to be that high. In fact, it expected it to be lower because it thought that Intel would be more competitive -- but since Arrow Lake turned out to be largely unimpressive, people turned to AMD for their next-gen CPUs even more so than before.

Read more