Categories: News

SSL Bug Lets People Impersonate Anyone

So you’re browsing online, through Facebook, Ebay and even your bank and you notice that padlock at the start of your address bar. You see that symbol and you think, that means I’m secure. I’m safe and I can browse and send information without a worry. Seems like that might be a mistake according to a new bug report.

SSL is the system in which websites can be verified, this means you can be certain that the website you’re sending information to is actually the website you want and not someone pretending. It also means that you have to use a standard of encryption when communicating information across the web. OpenSSL is a standard used by a variety of websites in order to offer some security and reassurance to its users, and sadly is publicly available meaning that users are free to view and edit the code as they see fit.

From the log that’s available it appears that the code responsible for the problem was added all the way back in January, however, it was only released to the publicly used version last month. With this problem, it would be possible for fake websites to change and “appear” as if they were the legitimate version and due to how the system works, fake websites would also be able to provide “certificates” for other websites.

While it was in the public version it didn’t make its way into the mainstream versions used by a lot of people, meaning that it has since been removed and the damage limited (if there is any at all). This is in contrast to the Heartbleed virus that resided in OpenSSL for almost two whole years before being discovered.

Thank you ArsTechnica for the information.

Image courtesy of the BBC.

Gareth Andrews

Disqus Comments Loading...

Recent Posts

EKWB Unveil Vector² Water Blocks Designed for ASUS ROG Strix GPUs

EK Water Blocks (EKWB), is introducing a whole series of liquid cooling products for ASUS…

22 hours ago

Sharkoon Launches its Skiller SGH50 Gaming Headset

Sharkoon has announced the launch of its new SKILLER SGH50. This is a high-performance gaming…

22 hours ago

EVGA Launches the Z690 CLASSIFIED Motherboard

Given that it's been over three months now since Intel launched its Alder Lake-S processor…

22 hours ago

AMD Flip-Flops on Prior Comments that 4GB Wasn’t Enough VRAM For Gaming!

One of the biggest question marks leading up to the release of the AMD Radeon…

22 hours ago

Antec Unveils its NX700 Mid-Tower Case

Antec has announced the launch of the NX700, their latest model in their highly-popular NX…

22 hours ago

MSI Vigor GK50 Low Profile TKL Mechanical Keyboard Review

MSI is one of the biggest and best names in the business, creating everything from…

2 days ago