Skip to main content

People should ‘Stop all transactions for a few days,’ due to Heartbleed, security exec says

netcraft heartbleed browser extension google chrome opera firefox 34
Image used with permission by copyright holder

We’ve seen some pretty scary quotes from Web security and cloud services experts regarding the Heartbleed flaw in OpenSSL. Heartbleed allows hackers to steal a potential treasure trove of data, including user names, passwords, emails, credit card numbers and more, without being detected by exploiting a flaw in the OpenSSL data encryption service used by many websites around the world. However, to this point, the quote offered by Mike Lloyd, who is the CTO of RedSeal, a network security firm, might be the most frightening of them all.

“Stop all transactions for a few days,” Lloyd said of the Heartbleed bug, which was recently uncovered by a team of researchers, despite the fact that it has existed for roughly two years.

Recommended Videos

Lloyd also states that “automation” is the key to combating threats like Heartbleed, as he wrote in an official RedSeal blog post.

“What you need is automation – not just vulnerability scanning (which can find those unpatched machines), but also a pre-built map, and a way to automate and speed up the query for “where are these machines suffering from Heartbleed, and what are they exposed to?”. Wise organizations plan for this – we know it’s going to happen again.”

MORE: How to check if your favorite websites are vulnerable to the Heartbleed bug

That’s what makes dealing with the realities of Heartbleed so frustrating. Aside from changing passwords and avoiding websites that are allegedly affected by Heartbleed, the average person is largely powerless when it comes to dealing with the threat. This isn’t a fire that can be snuffed out by employing the latest and greatest malware and anti-virus scanners, considering that this isn’t malware, but a gaping hole in the encryption service used by many of the world’s websites. It’s on individual companies, organizations, and governments to switch to a version of OpenSSL that doesn’t contain the Heartbleed flaw.

MORE: Here’s a list of websites allegedly affected by the Heartbleed bug (Updated)

Fortunately, to this point, more than a few household name websites that were once vulnerable or suspected of being susceptible to Heartbleed, have since reportedly been patched. These include Yahoo, Google, Dropbox and others.

However, Lloyd’s warning shouldn’t go unheeded. After all, Canada has put a stop to online tax payments for the time being in light of the Heartbleed revelation, and we can’t help but wonder if other governments, companies and organizations will follow suit soon.

What do you think? Sound off in the comments below.

Image credit: http://wallpaperswide.com

Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
We now know why AMD chose to delay RDNA 4 — well, kind of
AMD announcing FSR 4 during CES 2025.

AMD hasn't been very forthcoming when it comes to information about its RX 9000 series GPUs, but we just got an update as to why the cards won't be available until sometime in March. The company cites software optimization and FSR 4 as the two reasons why it most likely decided to delay the launch of RDNA 4. But is that all there is to it, or is AMD waiting to see some of Nvidia's best graphics cards before pulling the trigger on the RX 9070 XT?

The update comes from David McAfee, AMD's vice president and general manager of the Ryzen CPU and Radeon graphics division. A couple of days ago, McAfee took to X (Twitter) to announce that AMD was excited to launch the RX 9000 series in March. This caused a bit of an uproar, with many enthusiasts wondering why AMD was choosing to wait so long.

Read more
What power supply do you need for the RTX 5090 and RTX 5080?
The RTX 5090 sitting on top of the RTX 4080.

Nvidia’s new RTX 50-series GPUs represent a leap forward in gaming and content creation, but they also push the boundaries of what’s expected from your power supply. The RTX 5090 and RTX 5080, will be the first two models available for purchase starting January 30, and are expected to deliver improved performance over its predecessors -- you can already see that in action in our RTX 5090 review.

However, with great power comes greater demands on your power supply. If you're planning to upgrade to either of these next-generation graphics cards, it’s crucial to know what kind of PSU (Power Supply Unit) you need. Ensuring your PSU meets or exceeds the recommended specifications is critical for avoiding crashes, ensuring system stability, and maintaining long-term reliability.

Read more
Gaming mouse goes up in flames, nearly causes apartment fire
A burned Gigabyte moue as posted by a user on Reddit

Think you have one of the best gaming mice? Think again. A Reddit user recently reported a concerning incident involving their Gigabyte M6880X gaming mouse, which allegedly caught fire spontaneously, filling their apartment with black smoke and causing significant property damage.

The user who goes by the unser name lommelinn, shared images showing the melted mouse, burn marks on the desk, and a destroyed mouse pad. They recounted discovering the device "burning with large flames," which they quickly extinguished. Despite their swift action, the room was left covered in black particles, affecting other equipment, including a modular synthesizer.

Read more