The Washington Post predicts major disruptions and delays to the Internet in the coming weeks due to simultaneous efforts to repair encryption systems on hundreds of thousands of websites due to the infamous heartbleed bug.
Citing security experts, the Washington Post reports that estimates of the problems that have arisen due to the disclosure of the bug are increasing daily. What started as a simple "annoying" event, which required her change passwords, appears to be developing into something much more serious, as it appears that savvy hackers can exploit the problem to create fake websites to trick Internet users into providing personal information.
It should be noted that the amount of work required to correct the bug-specific dimension - which allows the security certificates to be authenticated to confirm that a website is authentic - could pay due to workload are designed to keep the Internet reliable.
"Imagine suddenly discovering that all the doors that everyone uses is vulnerable - that all can be broken," said Jason Hillley, an Atlantic Councils security officer at Washington. "The kinds of evil that could happen are limited only by the imagination of the perpetrators."
According to some estimates, Heartbleed affected two-thirds of the Internet, forcing a large number of users to change their codes to popular online services. Also, the wave of forced updates to which threatened websites will go will result in uploads of download browsers and security site checks.
As reported in a BBC report, analysis by Netcraft shows that 500.000 websites are vulnerable to the Heartbleed bug. Regarding security certificates, Paul Matton, its analyst companyς σημείωσε ότι «θα ήταν πιο ασφαλές να θεωρήσουμε ότι όλα τα 500.000 πιστοποιητικά έχουν παραβιαστεί». «Οι περισσότερες αρμόδιες αρχές προσφέρονται να τα ανανεώσουν δωρεάν, οπότε δεν υπάρχει δικαιολογία για τη μη λήψη δράσης». Ωστόσο, πρόσθεσε, η ανανέωση εκατοντάδων χιλιάδων certificates θα έχει επιπτώσεις στις ταχύτητες web browsing. Όταν ένας user visits a site, a standard check is made to see if the security certificate has been revoked. This normally doesn't cause any delays – however this is now changing due to Heartbleed as many certificates are being revoked and renewed daily. As Robin Alden, executive of the Comodo company, which operates in the field of these certificates, told PC World, tens of thousands of certificates have been issued after Heartbleed. In particular, last week he spoke of a tenfold/twelvefold renewal rate.
Heartbleed's "storm" seems to be expanding on Android as, according to a Guardian article, at least four million smartphones with the specific US operating system and tens of millions worldwide can target because of the bug. Worldwide, vulnerable mobile phones could be as high as 50 million, as measured by data from Google's announcements, devices that run a special version of "Jelly Bean" (Android 4.1.1) are vulnerable. The calculations were made using data provided exclusively by the British newspaper Chitika.
Source: naftemporiki.gr
