Jump to content
Login new information ×
Login new information

Billions of Smartphone Users affected by Heartbleed Vulnerability

Reefa

By Reefa
in Security & Privacy News

 Share

Recommended Posts

Reefa

Reefa

Posted
Posted

Android-blackberry-apple-iphone-heartble

Heartbleed has left a worst impression worldwide affecting millions of websites and is also supposed to put millions of Smartphones and tablets users at a great risk.

Heartbleed is a critical bug (CVE-2014-0160) in the popular OpenSSL cryptographic software library, that actually resides in the OpenSSL's implementation of the TLS/DTLS heartbeat extension, which allows attackers to read portions of the affected server’s memory, potentially revealing users data such as usernames, passwords, and credit card numbers, that the server did not intend to reveal.
OpenSSL is a widely-used cryptographic library which implements the SSL and TLS protocol and protects communications on the Internet, and mostly every websites use either SSL or TLS, even the Apache web server that powers almost half of the websites over internet utilizes OpenSSL.
But to assume that the users using desktop browsers to visit websites are vulnerable to the Heartbleed bug, will be wrong. Despite 40-60 billion active Smartphone applications may be sharing some of those same servers or connect to their own group of servers that may also be compromised.
ANDROID
Google wrote in an update on its Online Security blog on Wednesday, emphasizing that Android was not vulnerable to the Heartbleed bug, except for a very specific version and can you guess that so called specific version??
Android 4.1.1 Jelly Bean, the one which makes up the majority of Android devices around the world, and which relies on the vulnerable version of OpenSSL.
Google didn’t reveal the actual figure that are vulnerable to the bug, but according to the latest dashboard released by Google, it is estimated that around 34.4% of the Android devices in use today are running the Android 4.1.x version.
Even last September Google announced that it had activated one billion devices. This means that the minimal number is likely to be in the millions. So, one can imagine how many Smartphones and tablets were at risk.
Well, Google has released the patches for Android 4.1.1 which is being distributed among the Android partners.
APPLE
Apple users can be relaxed knowing that their devices running iOS and OS X are not affected by the most critical security flaw, Heartbleed.
"Apple takes security very seriously. IOS and OS X never incorporated the vulnerable software and key web-based services were not affected," Apple told Re/code.
Instead using OpenSSL, Apple relies on different SSL/TLS libraries called Secure Transport, which was hit by its own very serious bug in February outcropping the possibility for man-in-the-middle (MitM) attacks — though it wasn't as dangerous as the recent OpenSSL Heartbleed security Flaw.
But still Apple users were not exempted completely, as the users using BBM for private messages on iOS might have been vulnerable to this flaw.
BLACKBERRY
Blackberry confirmed that some of its products, including Secure Work Space for iOS and Android, and BlackBerry Link for Windows and Mac OS and even BBM for iOS and Android were vulnerable to the Heartbleed security flaw. The figure of affected users is not least, as about 80 million people use BBM service.
They have also assured that BlackBerry Smartphones and tablets, BlackBerry Enterprise Server 5, BlackBerry Enterprise Service 10, and the BlackBerry Infrastructure are not affected by the flaw and are fully protected.

Link to comment
Share on other sites
  • Replies 12
  • Views 3.1k
  • Created
  • Last Reply

Top Posters In This Topic

  • Reefa

    4

  • eurobyn

    3

  • Kalju

    2

  • gipsy

    2

Popular Days

Top Posters In This Topic

Popular Days

Kalju

Kalju

Posted
Posted

Why such copy-paste texts? Link would be quite sufficient. Even no comma isn't changed.

Why do you just simply copy them?
Make a brief summary and add source link, quite sufficient.. Perfectly adequate.

Link to comment
Share on other sites
Reefa

Reefa

Posted
  • Author
Posted

Why such copy-paste texts? Link would be quite sufficient. Even no comma isn't changed.

Why do you just simply copy them?

Make a brief summary and add source link, quite sufficient.. Perfectly adequate.

Because i post how i wan't like everyone else on this site.sorry but i ain't gonna post how u want :unsure:

Link to comment
Share on other sites
Kalju

Kalju

Posted
Posted

Why such copy-paste texts? Link would be quite sufficient. Even no comma isn't changed.

Why do you just simply copy them?

Make a brief summary and add source link, quite sufficient.. Perfectly adequate.

Because i post how i wan't like everyone else on this site.sorry but i ain't gonna post how u want :unsure:

Sorry, I did not know that you have a health problem.

Link to comment
Share on other sites
Reefa

Reefa

Posted
  • Author
Posted

Why such copy-paste texts? Link would be quite sufficient. Even no comma isn't changed.

Why do you just simply copy them?

Make a brief summary and add source link, quite sufficient.. Perfectly adequate.

Because i post how i wan't like everyone else on this site.sorry but i ain't gonna post how u want :unsure:

Sorry, I did not know that you have a health problem.

I have one big health problem and that would be you..

Link to comment
Share on other sites
  • Administrator
DKT27

DKT27

Posted
  • Administrator
Posted

Relax guys.

Why such copy-paste texts? Link would be quite sufficient. Even no comma isn't changed.
Why do you just simply copy them?
Make a brief summary and add source link, quite sufficient.. Perfectly adequate.


This is how news are normally posted. Copy pasting full article allows one to read them fully without them needing to visit the source. While we would prefer members to visit the source link and read the full article there, but posting a just summary and a source link prevents ease of information and forces readers to either remain with the half story or click on the source link, which should be optional and not forced upon the members.

What I will prefer though, is that one posts a summary and the full article. However, summary is something that not all sources provide, so it's optional.

In addition to that, there is a rule for news, which has been discussed in the staff but haven't made public. The rule is, a news article posted should be atleast 3 paragraph big. This applies to both full article and the part which is posted. Summary is not 3 paragraph big, it's normally just one line.

So posting the full article does seem right to me.

Link to comment
Share on other sites
Reefa

Reefa

Posted
  • Author
Posted

Relax guys.

Why such copy-paste texts? Link would be quite sufficient. Even no comma isn't changed.

Why do you just simply copy them?

Make a brief summary and add source link, quite sufficient.. Perfectly adequate.

This is how news are normally posted. Copy pasting full article allows one to read them fully without them needing to visit the source. While we would prefer members to visit the source link and read the full article there, but posting a just summary and a source link prevents ease of information and forces readers to either remain with the half story or click on the source link, which should be optional and not forced upon the members.

What I will prefer though, is that one posts a summary and the full article. However, summary is something that not all sources provide, so it's optional.

In addition to that, there is a rule for news, which has been discussed in the staff but haven't made public. The rule is, a news article posted should be atleast 3 paragraph big. This applies to both full article and the part which is posted. Summary is not 3 paragraph big, it's normally just one line.

So posting the full article does seem right to me.

Thanks for the explanation..But it fails to explain why he is picking on me..

Link to comment
Share on other sites
Dodel

Dodel

Posted
Posted

Back on topic, surely it's stating the obvious here, in regards to the heatbleed exploit, given that it's actual websites which are the issue, not the devices connecting to them, be it either a phablet, pc , hell even console.

Typical scaremongering, the first report of this suggested we stay off the internet ffs!, rather than actually educate people....

Sad times.

Link to comment
Share on other sites
eurobyn

eurobyn

Posted
Posted

Why such copy-paste texts? Link would be quite sufficient. Even no comma isn't changed.

Why do you just simply copy them?

Make a brief summary and add source link, quite sufficient.. Perfectly adequate.

kalju : :duh:

Link to comment
Share on other sites
gipsy

gipsy

Posted
Posted

kalju : :duh:

for what? for different viewpoint?

c'mon people!a little more humanity!

about point:any modern gadget kill us gradually in health or mentality (imo).

Link to comment
Share on other sites
eurobyn

eurobyn

Posted
Posted

for what? for different viewpoint?

c'mon people!a little more humanity!

about point:any modern gadget kill us gradually in health or mentality (imo).

this whas a copy paste.

with 54 posts you are following the news?

i just want to say that commenting about someone that rally post something , do not commenting if you only have comments . of a post.

and you are wright with : for what? for different viewpoint?

then you are just commenting.

Link to comment
Share on other sites
gipsy

gipsy

Posted
Posted

with 54 posts you are following the news?

with 54 post for couple of months vs your 322 for 7year.

feel the difference amigo! :D

Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...