Heartbleed

As everyone a little abow neutral to computers, we need to take in what this heartbleed is and does it affect ourself or friends/Family 🙂

OpenSSL received an update about two years ago, which unknowingly created a Whole in the otherweis Perfect system. When you analyzed traffice from sites using an OpenSSL certificate, you could find the encryption key and decrypt the encrypted traffic. For example to gain Peoples password when login into web sites.

For the average Joe, this probably haven’t been an isse even if it was created two years ago. It have been kept a Secret for a long time, and therefore its pretty safe to say average Joe haven’t been affected by this very much.

Now thats it is out in the open, everyone needs to update their sites using OpenSSL and users need to change their passwords after the service have been updated. This is just to be on the safe side, as you don’t know how many have been using it seens it become known world wide or how many have logged traffic they can look back into.

Common services affected:

Facebook
Instagram
Youtube
Gmail
Yahoo
Telenor

These are mostly services hosted on Open Source operatingsystem, and here is a smaller list of services not affected:

Microsoft
Amazon
PayPal
​LinkedIn

 

For my Norwegian friends and customers, please read this Norwegian article from my Companys Security team:

http://www.anpdm.com/newsletterweb/42455D477847435A4B77444B59/40?noTracking=true


Leave a Reply

Ehlo!

I am Roy Apalnes, a Microsoft Cloud Evangelist working av Sopra Steria. Main focus in Microsoft Security and Endpoint Management, with a bigger picture in mind.

Featured Posts