The Heartbleed bug, Yahoo, Facebook, Canadian Revenue Agency


heartbleedAnother reason people should be paying more attention to their own personal security, privacy and holding it dear while on the Internet comes to light.  The Heartbleed bug or exploit, was discovered over 2 years ago, however, the fact that it has recently come to light in the last few weeks is disturbing to some.

Everything from Revenue Canada, Facebook, Gmail, Yahoo, Banks and many more have been affected. This problem isn’t some little hacker going after you because he feels you wronged him. These are massive thefts and collections of personal information in which everyone loses and a very small few profit.

We are at an age were corporations claim to be providing you with security and we take it at face value until something goes wrong.  We take for granted that when someone tell’s us it’s safe or secure, we inherently trust them because they hold a higher standard in society then the average person.

Why is it that we wait until something goes wrong before we question things.  At BH Consultants we take personal security and privacy seriously. Anti Virus and Malware scanners, simply aren’t enough to claim that your information or computer is safe.  It’s the attention to detail that keeps you safe.

If you are worried about your privacy and security while using your favorite sites on the Internet, Please contact us, and we can help you understand how to protect yourself on the internet.

Heatbleed.com From the website; Updated April 11th 2014:

The Heartbleed Bug

Heartbleed Bug

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.