Losing your online identity has reached a whole new level with the HeartBleed Bug. The bug is named after the way information is transferred from the server to the hacking requestor at each ‘Heartbeat’. This heartbeat is defined as a periodic signal from heartware signaling normal operation. This bug was first discovered in early April and is attributed to the coding for Open SSL cryptography library. This coding error has created a huge security flaw in websites, allowing for cyber criminals to steal information from servers and user passwords and cookies.
The HeartBleed bug has been touted as the most catastrophic security flaw in internet security since the information traffic begun flowing on the internet. Cyber security experts interviewed by a large number of news sources have resoundingly recommended changing of passwords and for users demanding high levels of privacy, to stay offline till changes are made to the code. These are drastic measures as in our increasingly hectic lives, such measures are time consuming and utterly impractical.
Online communities, like Reddit and 9gag, create memes and make fun of the lack of internet, comparing the lack of internet to scenes of Robin William’s character in Jumanji. Yet the threat to internet users is real, and one area where we tend to disregard it is when we use our mobile phones to connect to the web. The operating system most affected by this bug is Android, while Apple’s IOS and the Windows phones both declared unaffected by their respective developers. It has been estimated that 50 million Android users are susceptible to the bug.
Most mobile phone users do not realize that even if they do not actively surf the net using mobile browsers, the apps that are previously downloaded will actively access the internet. These apps have been affected by the HeartBleed Bug. Users of such compromised apps can lose critical information during in-app purchases, information-like credit card numbers or user names and passwords to website accounts. All it requires is for the hacker to exploit the coding, and 64 Kbits of information is downloaded from your website’s server per “HeartBeat”.
To protect your mobile devices from the bug, it is suggested, first, to download an app that scans each app for the heartbleed bug. When the scan is finished, you can change all your existing passwords. This would ensure that any information stolen previously is no longer valid. Apps are available that will scan for the heartbleed bug are Bluebox’s HeartBleed Scanner and Heartbleed Security Scanner by Lookout Mobile Security. The latter app has gained good reviews online but only seems to check for your Android OS vulnerability. Bluebox’s scanner is suggested, as it is able to scan each app on your phone. Upon discovering that your device is vulnerable to the bug, it is also strongly suggested to report it to Play Store for Android users. Emails to app developers are available in the play store listing and are the preferred ways of letting the developers know of their app’s vulnerabilities.