#Heartbleed is not gone yet


When the Heartbleed vulnerability made headlines last spring, Internet companies went into a frenzy: Creating patches, moving away from OpenSSL, and warning users to reset their passwords.

But while we haven’t heard much about it lately — and many servers have been updated to avoid it — Heartbleed is still very much a problem.

The problem is that OpenSSL is in everything.

“It’s an infrastructure hack, and it’s deep … it puts into question everything that we use on the Internet,” said Sami Nassar, CEO of secure element chip maker NXP.

He calls Heartbleed the death knell for SSL. While some will argue that SSL became obsolete a long time ago, its use is still pervasive. So what’s scary to Nassar is that though the news cycle around Heartbleed ended long ago, the damages are still ravaging on.

Read more at VB News

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s