Heartbleed Bug: Get it from visiting a site or downloading?
?
2014-04-18 13:06:01 UTC
Is the "Heartbleed Bug" passed along by visits to infected websites or by downloading open source programs? Is the bug code inside the user's computer (as a virus would be)? If so, can it be detected or removed?
Three answers:
Earth ◊³ Dee
2014-04-18 13:13:55 UTC
No, it's a bug.. .not a virus or worm.
It's a vulnerability in the way some versions of SSL respond to requests, and forces the server to give out more information than it should. It's generally on a server. Your computer is not affected, or infected, by connecting to a vulnerable server, but technically, your login information potentially can be stolen if you use credentials on a server that has the affected version of SSL installed and a hacker exploits the bug.
?
2014-04-19 20:10:26 UTC
The heartbleed bug is like a backdoor that only OpenSSL service provider can fix on their end.
OpenSSL is being used by most websites to keep data and information secure. The gold, sometimes green, padlock that you see when you visit a website means that it is using SSL.
This has already been fixed before it went out on the news and other media. Most websites should be safe by now.
You can check if a website is vulnerable by going to http://filippo.io/Heartbleed/
?
2014-04-18 13:43:41 UTC
This comic explains how Heartbleed works. http://xkcd.com/1354/
ⓘ
This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.