The heart bleed virus
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

The heart bleed virus

on

  • 1,417 views

Make sure that you are prepared and protected.

Make sure that you are prepared and protected.

Statistics

Views

Total Views
1,417
Views on SlideShare
1,417
Embed Views
0

Actions

Likes
0
Downloads
55
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

The heart bleed virus Presentation Transcript

  • 1. What is it, and what do you do about it??? The Heart Bleed Virus
  • 2. What is the Heart Bleed virus • Flaw in Open SSL, which is the encryption used to make data transfer secure • Encryption makes the data look like nonsense to anyone but the recipient • Sometimes, a computer will send out a small packet of data (called a heartbeat) to see if there is still a computer at the end of its connection • Researchers discovered a programming error that allowed people to send a well-disguised packet of data that looks like the heartbeat
  • 3. Some key points • This flaw (the ability to send a fake packet of data) has been available for abuse for about two years! • The flaw was discovered by Google • There are no traces left when these fake data packages are sent
  • 4. So how bad is it? • Pretty bad. Web servers keep lots of info on their sites, such as usernames, passwords, content which has been uploaded and even credit card numbers • Even worse, hackers can steal encryption keys, making it possible to intercept data and read it without having to have a secure connection • This means that companies can change their encryption keys, but still be vulnerable!
  • 5. What does it mean to you? • This is an issue not only with your devices, but also with the software that powers the services we use • Sites can include social media, employment, hobby sites, software installation sites or even government sites • 66% of sites are powered by technology built around SSL
  • 6. What do you do? • Since it has been around for two years and leaves no trace, assume that accounts may have been compromised. • Change online passwords, especially ones needing privacy and security • Remember, though, if your site hasn’t upgraded its software, you may need to change the password again
  • 7. Are my sites affected? • Most major service providers have either fixed or are currently fixing their sites. • On this site (run by Filippo Valsor, an Italian consultant specializing in security) you can enter a site and see if it has been fixed or unaffected. Try this today! http://filippo.io/Heartbleed/
  • 8. Sites to change passwords on • Social networks: Facebook, Instagram, Pinterest, Tumblr, Twitter, • Other companies: Google, Yahoo, Gmail, Yahoo mail, • Shopping sites: Etsy, GoDaddy, • Entertainment: Flickr, Netflix, SoundCloud, YouTube, • Banking: USAA, • Other: Dropbox, GitHub, OKCupid,
  • 9. Change your password today to protect your identity! Sources: http://www.businessinsider.com/heartbleed-bug-explainer-2014-4, http://mashable.com/2014/04/11/mashable-explains-heartbleed-2/