News

SSL Bug Lets People Impersonate Anyone

So you’re browsing online, through Facebook, Ebay and even your bank and you notice that padlock at the start of your address bar. You see that symbol and you think, that means I’m secure. I’m safe and I can browse and send information without a worry. Seems like that might be a mistake according to a new bug report.

SSL is the system in which websites can be verified, this means you can be certain that the website you’re sending information to is actually the website you want and not someone pretending. It also means that you have to use a standard of encryption when communicating information across the web. OpenSSL is a standard used by a variety of websites in order to offer some security and reassurance to its users, and sadly is publicly available meaning that users are free to view and edit the code as they see fit.

From the log that’s available it appears that the code responsible for the problem was added all the way back in January, however, it was only released to the publicly used version last month. With this problem, it would be possible for fake websites to change and “appear” as if they were the legitimate version and due to how the system works, fake websites would also be able to provide “certificates” for other websites.

While it was in the public version it didn’t make its way into the mainstream versions used by a lot of people, meaning that it has since been removed and the damage limited (if there is any at all). This is in contrast to the Heartbleed virus that resided in OpenSSL for almost two whole years before being discovered.

Thank you ArsTechnica for the information.

Image courtesy of the BBC.

Gareth Andrews

Disqus Comments Loading...

Recent Posts

Still Wakes the Deep 

LIVE THE HORROR: An immersive disaster story aboard a stunningly realised North Sea oil rig,…

1 hour ago

PHILIPS 275V8LA – 27 Inch QHD Monitor

The Philips VA LED display uses an advanced multi-domain vertical alignment technology that gives you…

1 hour ago

EPOMAKER Ajazz AK820 Pro 75% Gasket-mounted Mechanical Keyboard 

【TFT Screen: The Interactive Interface】This 75% mechanical keyboard comes equipped with a TFT Screen, serving…

1 hour ago

Funko Fusion

FANDOM FUSION Play as your favorite characters and wield their unique weapons and skills. Team…

1 hour ago

Shin Megami Tensei V: Vengeance Standard Edition

The Definitive Version of Shin Megami Tensei V - Fully evolved with stunning visuals for…

1 hour ago

Hand Warmers Rechargeable 2 Pack

【Unique Split Design】5200mAh hand warmers rechargeable together with double-sided heating function, split snap swivel design,…

1 hour ago