The tech industry reeled last week when security researchers discovered a flaw in a key security technology in the Internet's infrastructure. The bug, ghoulishly named "Heartbleed," was found in an open source library, OpenSSL, used by the protocol, SSL, used to encrypt data in transit on the Net. By exploiting the flaw with a specially crafted packet, hackers can extract data from a server's memory in 64K chunks. "This is indeed one of the worst vulnerabilities in the history of the Web," said Amit Sethi, a technical manager at Cigital.White Hats Use Heartbleed to Steal Keys
The tech industry reeled last week when security researchers discovered a flaw in a key security technology in the Internet's infrastructure. The bug, ghoulishly named "Heartbleed," was found in an open source library, OpenSSL, used by the protocol, SSL, used to encrypt data in transit on the Net. By exploiting the flaw with a specially crafted packet, hackers can extract data from a server's memory in 64K chunks. "This is indeed one of the worst vulnerabilities in the history of the Web," said Amit Sethi, a technical manager at Cigital.
0 comments:
Post a Comment