The Washington Post predicts major disruptions and delays to the Internet in the coming weeks due to simultaneous efforts to repair encryption systems on hundreds of thousands of websites due to the infamous heartbleed bug.
Citing security experts, Washington Post reports that estimates of the problems that have arisen as a result of bug disclosure are increasing daily. What started out as a simple "troublesome" event, requiring code change, seems to evolve into something far more serious, as experienced hackers can exploit the problem to create fake websites to mislead Internet users to to provide personal data.
It should be noted that the amount of work required to correct the bug-specific dimension - which allows the security certificates to be authenticated to confirm that a website is authentic - could pay due to workload are designed to keep the Internet reliable.
"Imagine suddenly discovering that all the doors that everyone uses is vulnerable - that all can be broken," said Jason Hillley, an Atlantic Councils security officer at Washington. "The kinds of evil that could happen are limited only by the imagination of the perpetrators."
According to some estimates, Heartbleed affected two-thirds of the Internet, forcing large numbers of users to change their passwords to popular online services. Also, the wave of forced updates which the threatened websites will proceed to will result in the "loading" of the browsers with downloads and check procedures for safe sites.
As reported in a BBC report, analysis by Netcraft shows that 500.000 websites are vulnerable to the Heartbleed bug. As for the security certificates, Paul Matton, the company's analyst, noted that "it would be safer to assume that all 500.000 certificates have been compromised." “Most competent authorities offer to renew them for free, so there is no excuse not to λήψη action". However, he added, renewing hundreds of thousands of certificates will impact web browsing speeds. When a user visits a site, a standard check is made to see if the security certificate has been revoked. This normally doesn't cause any delays – however this is now changing due to Heartbleed as many certificates are being revoked and renewed daily. As Robin Alden, executive of the Comodo company, which operates in the field of these certificates, told PC World, tens of thousands of certificates have been issued after Heartbleed. In particular, last week he spoke of a tenfold/twelvefold renewal rate.
The Heartbleed "storm" seems to extend to Android, καθώς, σύμφωνα με στοιχεία που επικαλείται δημοσίευμα του Guardian, τουλάχιστον τέσσερα εκατομμύρια smartphones με το συγκεκριμένο λειτουργικό στις ΗΠΑ και δεκάδες εκατομμύρια παγκοσμίως μπορούν να στοχοποιηθούν εξαιτίας του bug. Παγκοσμίως, τα ευάλωτα cell phones could amount to 50 million, as pointed out data calculations based on Google's announcement, devices "running" a special version of "Jelly Bean" (Android 4.1.1) are vulnerable. The calculations were made using data provided exclusively to the British paper by analytics firm Chitika.
Source: naftemporiki.gr
