However, the number of bug reports Heartbleed actually makes a lot of people are confused to understand what it Heartbleed. Here is a collection of myths circulating about Heartbleed wrong.
1 . Heartbleed is a virus
OpenSSL bug is not a virus , but a security hole . The loophole arises because of a typing error code in open-source encryption protocol used by many websites and servers .
OpenSSL function to help ensure inter - network communications are protected . With the open security holes , one can monitor personal communication or log events , and interesting data.
2 . Effects Heartbleed only affected the web site
Although only affected the site , Heartbleed could interfere with the work of web servers and routers are breached . This is because a lot of the amount of data that can be stolen .
However , web servers and routers are not the only potential targets Heartbleed this bug . Clients that communicate with the server , including smartphones , laptops , and other devices that connect online also at risk with what is called " Reverse Heartbleed , " where the data is stored in the memory device can also be stolen .
" Usually on the client side , the memory allocated to processes that are running alone , so that all processes can not be accessed , " said David Chartier , CEO of the Finnish internet security company , Codenomicon to ReadWrite ( 14/04/2014 ) .
" However , that does not mean the content of e - mails and other documents safe , they may still leak , " said Chartier .
3 . Hackers can use to mengonrol smartphones
Based on all current indications , a hacker can not take over control of smartphones , they can only retrieve data stored in the memory of the smartphone that has not been getting security patches .
iPhone and most Android devices so far remained immune to this bug Hearthbleed , with the exception of Android 4.1.1 . But Google has said it will soon release a security patch for the operating system .
BlackBerry has said that BBM app for Android and iOS are also affected by this bug Heartbleed , but the Canadian company said it was preparing fillings for a gap in the service of his messenger .
4 . Prone Heartbleed Windows XP is no longer supported because Microsoft
This myth wrong . Microsoft Windows XP support ends when the bug Heartbleed found . This of course makes panic . However , Microsoft insists its developer blog that the company from Redmond , the U.S. does not use OpenSSL .
Windows XP , and all versions of Windows , including Windows Phone , using encryption component developed by Microsoft itself , namely the Secure Channel ( or SChannel ) , so it is not affected by the bug in OpenSSL .
5 . All banks are vulnerable to Heartbleed
Banks and selling sites are popular not use open-source encryption protocol , so we can be sure their website is not directly affected . However , it does not mean the data is stored in a bank or selling the site remains safe , because forever these sites targeted by hackers .
6 . Frequently accessed site is not at risk / already have security patches , so I'm safe .
Not entirely , because Heartbleed leave no trace after hackers managed to retrieve the data . All data login and password information remains at risk . Because it immediately change the password so such websites issuing security patches .
7 . Heartbleed NSA utilizes a long time to spy on us
Circulated the news that said that the U.S. intelligence agencies , the NSA had known bug in OpenSSL , but chose to remain silent and to use it to conduct espionage .
However , the NSA denied it and said that it was not using the security hole , and a new claim to know the gap after it was announced . But if the NSA telling the truth or not , nobody knows , considering how the track record of the government agencies has been in hiding information .
No Comment to " 7 Myths about "Heartbleed" "