Skip to main content

People should ‘Stop all transactions for a few days,’ due to Heartbleed, security exec says

We’ve seen some pretty scary quotes from Web security and cloud services experts regarding the Heartbleed flaw in OpenSSL. Heartbleed allows hackers to steal a potential treasure trove of data, including user names, passwords, emails, credit card numbers and more, without being detected by exploiting a flaw in the OpenSSL data encryption service used by many websites around the world. However, to this point, the quote offered by Mike Lloyd, who is the CTO of RedSeal, a network security firm, might be the most frightening of them all.

“Stop all transactions for a few days,” Lloyd said of the Heartbleed bug, which was recently uncovered by a team of researchers, despite the fact that it has existed for roughly two years.

Recommended Videos

Lloyd also states that “automation” is the key to combating threats like Heartbleed, as he wrote in an official RedSeal blog post.

“What you need is automation – not just vulnerability scanning (which can find those unpatched machines), but also a pre-built map, and a way to automate and speed up the query for “where are these machines suffering from Heartbleed, and what are they exposed to?”. Wise organizations plan for this – we know it’s going to happen again.”

MORE: How to check if your favorite websites are vulnerable to the Heartbleed bug

That’s what makes dealing with the realities of Heartbleed so frustrating. Aside from changing passwords and avoiding websites that are allegedly affected by Heartbleed, the average person is largely powerless when it comes to dealing with the threat. This isn’t a fire that can be snuffed out by employing the latest and greatest malware and anti-virus scanners, considering that this isn’t malware, but a gaping hole in the encryption service used by many of the world’s websites. It’s on individual companies, organizations, and governments to switch to a version of OpenSSL that doesn’t contain the Heartbleed flaw.

MORE: Here’s a list of websites allegedly affected by the Heartbleed bug (Updated)

Fortunately, to this point, more than a few household name websites that were once vulnerable or suspected of being susceptible to Heartbleed, have since reportedly been patched. These include Yahoo, Google, Dropbox and others.

However, Lloyd’s warning shouldn’t go unheeded. After all, Canada has put a stop to online tax payments for the time being in light of the Heartbleed revelation, and we can’t help but wonder if other governments, companies and organizations will follow suit soon.

What do you think? Sound off in the comments below.

Image credit: http://wallpaperswide.com

Konrad Krawczyk
Former Computing Editor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
Still shopping? Amazon Prime Day deals going strong into day 4
We're bringing you the best Prime Day deals throughout the sales period
Best Prime Day Gift Card Deals

It’s the fourth and final day of the longest ever Amazon Prime Day event, and if you thought the best deals were behind us, think again. Amazon’s stretching this year’s event across four full days (July 8 -11 ) which means price drops are still rolling in hot, with fresh discounts landing on everything from big-name tech to everyday essentials.

There have been stellar savings so far, with the AirPods Pro 2 heading down to $149 as the best saving we've seen.

Read more
Apple loses AI whiz to Meta with an offer that will make your eyes water
Meta AI widget on Home Screen.

It was just last month that OpenAI boss Sam Altman claimed that Meta had been trying to poach his top AI engineers by offering hiring bonuses of as much as $100 million.

There was renewed interest in the matter earlier this week when it emerged that Ruoming Pang, an esteemed AI engineer who oversaw Apple’s AI models, had jumped ship to Meta.

Read more
I found the best Prime Day deal on a tablet hidden beyond Amazon
Microsoft Surface Pro 12-inch, stylus, and keyboard.

A good tablet can take your productivity to the next level, but a boring one will find a niche use and eat dust on a table or couch for most of its time. I love iPads and have been pushing them – as far as I can — to act as my primary computing machine for nearly half a decade now. It has never managed to replace a proper laptop, like a MacBook Air or a Windows machine. 

Why not buy a Windows laptop, you might ask? Well, Windows-powered tablets, especially those Surface devices sold by Microsoft, are pretty expensive. I love the new 12-inch Surface Pro, but at $799, it felt like a steep purchase despite its impressive specifications. 

Read more