Heartbleed did caused some problem, but in the end it was not as lethal

Tweet

It's been a month since the bug Heartbleed off a stampede of software in everything from network devices to fix security software since it quickly became clear that the vulnerable versions of OpenSSL encryption code is widespread among gone .Heartbleed that would make , read, experienced striker passwords or digital certificates , for example , was a shock when the OpenSSL group revealed on April 7 , since it affects about 60 % of servers around the worldand more. But it is the disaster that had some fears ? So far , the consensus seems to be , not even what some think , dives based Heartbleed Bondage is not easy . At best , it was inconvenient Heartbleed mammoth everywhere , such as passwords and certificates were exchanged with Marathon a patch around the globe in what was . Heartbleed - as error in OpenSSH dismissed as a farce | spots Siemens SCADA popular Heartbleed | Heartbleed the silver lining | Heartbleed requires joint efforts to OpenSSL providers to increase safety " It ended up being not so simple to use ," says Bruce Schneier , chief technology officer of CO3 systems . Schneier is an encryption expert who had initially marked Heartbleed an event of " catastrophic " because OpenSSL general use. " We saw some hackers and criminals in the desert with , but not both . "But the agitation caused by Heartbleed - a coding error , two years ago , apparently by a German software developer , who came forward to the mistakes - which was absolutely huge as a wide range of network and security industry after around the countless hours of research findings to their own products , the vulnerable versions of OpenSSL Heartbleed were often incorporated. But not all were vulnerable versions of OpenSSL . Response teams Cisco incidents found for " 359 to use products and services from Cisco OpenSSL or a related variant ," the spokesman Nigel Glennie Cisco said . " 281 of them were confirmed as unaffected by the vulnerability , and had 78 confirmed affected . Among these , 41 already made patches . "To this day , was still investigating the Cisco Security Gateway for VMware Cisco products and with USB Lights with promotional drives Since April 9 , Cisco made 19 revisions to its security advisory about Heartbleed . Cisco issue a " Heartbleed Bug : Assessment Guide " for the client, a six-page reference that how to rehabilitate the nature of the problem and explains OpenSSL . " Everyone was with OpenSSL " says Gil Friedrich , vice president of technology at ForeScout Technologies , fixing your own problem Heartbleed product within the first 24 hours after it was announced he says. He says that bank customers ForeScout also helped . By analyzing the products they use on their networks for vulnerable OpenSSL .Mandiant , now part of FireEye , said in mid-April , hackers came in a network of customers because of Heartbleed . There were some other random Heartbleed reports problems if, for example , the Canadian Revenue Agency in April temporarily closed its site in the middle of the season , after taxes , a hacker broke into it and stole 900 Social Security numbers .