Change your password again How to see just broke the OpenSSL event

OpenSSL yesterday (a security protocol to provide security and data integrity for network communications) broke the most serious security breaches this year, so many buddies and busy night, which includes network security companies, online shopping site and other security departments, guests and reporters to black and white.

 

(vulnerability report from the clouds)

OpenSSL is a security protocol used by many businesses and services to encrypt data, but it was found that hackers can exploit a vulnerability to steal data from the server memory 64KB. 64KB amount of data is not large, but hackers can reuse the vulnerability, repeatedly steal data, and may therefore get the user’s encryption key, decrypt sensitive data.

how to see this vulnerability?

first, this is a global security incident, not the last thunder heavy rain small Ctrip leak door comparable;

second, this vulnerability has existed for a long time, I turned over the report, it should be from version 1.01 to the 1.01f version of the problem, the time span of more than two years. Just updated 1.01G version no problem;

third, the specific impact on the Chinese users have not yet clear;

fourth, do you want to change the password? Maybe you can wait for a clear point of the situation, because the vulnerability has just burst, many sites have not yet upgraded, some hackers may also be repeatedly scanning loopholes;

fifth, need not be too nervous, because the media has always been good at rendering, but things may not be so much media; sixth, there is cause for concern is that security issues new explosion, I do not know whether it will affect the game is in the Internet financial. Extended reading:

network world into the biggest crisis OpenSSL exposed major security vulnerabilities OpenSSL vulnerability analysis: two years ago a huge impact has been significant OpenSSL vulnerability exposure: YAHOO and many other sites of OpenSSL exposed major security flaw can cause the online shopping payment password leaked OpenSSL exposure "devastating" vulnerabilities Baidu acceleration music first defense

Leave a Reply

Your email address will not be published. Required fields are marked *