Leave a comment

The next Heartbleed is here - Linux users beware!

The next Heartbleed is here - Linux users beware!
Photo courtesy of Shutterstock

Heartbleed was the worst security bug in the history of the World Wide Web. Even two months later, hundreds of thousands of sites could still be affected.

The Heartbleed bug was basically a flaw in the most widely-used encryption system on the Internet: OpenSSL. It allowed hackers to intercept passwords, private emails, credit card information and much more. Click here to see a comic with the simplest explanation of how exactly Heartbleed works.

But OpenSSL isn't the only encryption system on the Web. GnuTLS is a cryptographic library that is typically used by default on many Linux systems and software packages. It turns out GnuTLS has a flaw that's similar to the Heartbleed bug.

This bug might not have an ominous logo or an apocalyptic name like Heartbleed - it's called CVE-2014-3466 - but it's just as dangerous to GnuTLS clients.

If you use GnuTLS, you need to patch right away. This applies to most Linux users, but not exclusively Linux users. Microsoft doesn't use GnuTLS, however it's possible some software you have could use the flawed code. You'll have to read your programs' documentation to know for sure.

 

Next Story
The NSA can bug your phone even when it's off
Previous Happening Now

The NSA can bug your phone even when it's off

Check out this funny Google Street View prank
Next Happening Now

Check out this funny Google Street View prank

View Comments ()