An unprecedented "wave" of code change seems to drive the Internet because of the revelations about the most notorious bug heartbleed, which affects a huge number of servers and web sites around the world.
Enough already Companies of her space technology have started urging their users to change their passwords, especially on email, file storage and e-banking services, as Heartbleed is now being labeled as one of the biggest security threats the internet has seen.
Μία εξ αυτών ήταν και η πλατφόρμα blogging/ κοινωνικής δικτύωσης της Yahoo, Tumblr. Επίσης, η καναδική εφορία σταμάτησε τη mode of its online services.
Υπενθυμίζεται ότι το bug συναντάται στο λογισμικό OpenSSL, που χρησιμοποιείται για την κρυπτογράφηση δεδομένων που περνούν από servers, έτσι ώστε μόνο ο πάροχος της υπηρεσίας και οι παραλήπτες να μπορούν να τα «διαβάσουν». Σύμφωνα με την Google Security και τη φινλανδική Codenomicon, το πρόβλημα υπήρχε εδώ και άνω των δύο ετών. Εξαιτίας του ήταν δυνατή η υποκλοπή των «κλειδιών» online υπηρεσιών, με αποτέλεσμα να είναι δυνατή η υποκλοπή ονομάτων και κωδικών χρηστών, καθώς και η creation fake websites that looked authentic because they used the stolen passwords.
According to a BBC report, Google is believed to have informed a number of stakeholders about the issue before it was released to upgrade to a new version of OpenSSL.
As reported in a CNET report, there are reports from security executives and developers for Yahoo tracking / tapping through Heartbleed. According to the report, Yahoo has made relevant actions by making corrections to: Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr, Tumblr.
Crypto developer and consultant Filippo Valsorda has developed a tool that allows users to check websites on whether they are vulnerable to Heartbleed.
A Mashable article suggests changing codes to a range of popular services, even if many of them have not been identified as a matter of fact or not. In any case, the overall perception of the issue on the Internet seems to be the proactive code change to important services that users often use.
