Nobody would have ever imagined that a very small bug in the OpenSSL now famously known as Heartbleed could bring entire internet industry on its knees. Finally everything settled down without any major incident reported but steps need to be taken so that these types of bug can be avoided in future. You might find it surprising that OpenSSL project has only 1 full-time developer (Hats off to this guy) who is responsible for development and maintenance of OpenSSL libraries, mentioned by OpenSSL Software foundation president Steve Marquess in a blog post. Continue reading Heartbleed hit – OpenSSL gets support
I am sure that by this time all of us have already heard about the Heartbleed ,that made almost every encrypted sensitive data i.e passwords,credit card details etc vulnerable to external attacks.
These days almost each and every website asks user for registration and provides them with an username and password for there future interaction with the website.Today HTTPS protocol is the defacto standard for sending the sensitive data to the server and behind the scenes Secure Sockets Layer (SSL) and Transport Layer Security(TLS) protocols which make sure that every transaction between the client and server is secure. Continue reading Heartbleed – What went wrong ?