Posted on April 8, 2014

The Heartbleed bug. What you need to know.

Officially known as CVE-2014-0160, Heartbleed is a recently discovered bug in OpenSSL. It has the potential to expose huge amounts of private data, including user names, passwords, credit card numbers and emails, as OpenSSL software is a commonly used code to secure the aforementioned data when you visit a secure site (usually displayed with that green bar or server lock symbol).

The bug was discovered independently by security engineers at the Finnish internet security testing firm Codenomicon and Neel Mehta of Google Security. It is found in a version of the code that has been used by internet services for more than two years.

The simple answer to what this bug allows is someone to essentially eavesdrop by being able to read the memory of any systems using the OpenSSL software, which is roughly two thirds of SSL/TLS encryption securing the internet.

As reported on heartbleed.com “We have tested some of our own services from attacker’s perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.”

This “leaking” can easily be stopped as a fixed OpenSSL has been released.

Has FullHost closed this vulnerability?

All of our shared, enterprise, and reseller hosting servers, as well as any server that is managed by us had has this vulnerability closed. For those that we do not manage, it is strongly encouraged that this be done immediately.

To check if you are vulnerable:
http://filippo.io/Heartbleed/

For more information please visit:
http://heartbleed.com/
http://en.wikipedia.org/wiki/Heartbleed_bug

Leave a Reply

Your email address will not be published. Required fields are marked *

Trusted by Clients Across All Industries

Don’t take our word for it - let our happy clients do the talking. See More

Full Host did an amazing job of migrating my site seamlessly onto their server. My only regret was not switching my site over to them sooner. Now it is performing great, images are uploading way faster than ever before.

" Vancouver Sofa and Patio - Jerry Schmidt

Two thumbs up for Fullhost! Agents reply to me fairly quickly or at least let me know they received the ticket and are looking into it. Kudos to the support team as they have always given me exactly what I need without delays.

" Universal Staffing Inc. - Anthony Calvano

FullHost is an absolute pleasure to work with, and their customer service is exceptional. Whenever I have questions or need adjustments, they are there to help, quickly, efficiently, with answers and insights.

" Mooseworld Inc. Norine Leibel

The Fullhost team was a huge help in getting the website moved over and set up in a way in which we could correct the technical issues. They were quick, helpful and technically knowledgeable.

" Canadian Sport Institute Pacific Noah Wheelock

Our organization Has been working with FullHost for a couple of years now, and we have been thrilled with the service.

" Canadian Centre for International Justice / Philippe Kirsch Institute Pearl Eliadis

Exceptional is the word when it comes to FullHost. I started my own business and in the jungle of applications, licenses and registrations, FullHost had my back.

" Statsmen Matthias Bass

The customer service and support staff that I have dealt with have all been great. The move from my previous host was smooth thanks to the support staff at Full Host who moved my files over.

" Moose Web Design - Michelle Nortje

With coast to coast coverage,
We help you serve the world.

Whether your audience is located in Europe, Asia, Africa, or Australia, provide them with lightening speed!

FullHost's data centers are located in Toronto and Vancouver to ensure worldwide quality and speed.

Get in Touch
We Trust Only The Best Tech to Support You

FullHost operates with the most innovative technology to bring you unparalleled levels of hosting services.