The so called ‘heartbleed’ has been described as one of the most potent computer bugs ever created. It’s a flaw in encryption technology called OpenSSL – estimated to be present in two thirds of web servers.
Many websites use the technology as a secure method of collecting financial and personal data online. Heartbleed could allow hackers to access that information – and even impersonate a trusted website.
Most major companies have taken steps to secure their sites. But analysts say the bug could also affect network hardware – making it more difficult to fix.
Heartbleed hasn’t just affected email, social media and e-commerce. As Kristiaan Yeo reports in Canada, it prevented millions of people from filing their taxes. Canada’s Revenue Agency suspended its online filings service on Wednesday, while engineers applied security fixes.
Canada’s tax authority is promising to fix its Heartbleed security flaw within a matter of days – but it’s not clear if taxpayer data was actually compromised and in the meantime, millions of Canadians are unable to file their taxes online – just 3 weeks before the deadline.
It’s a hugely disruptive move – but one which security experts say was the right course of action. For many Canadians, news of a possible leak of social security data is unsettling – but many taxpayers we spoke to were happy the CRA was at least being up front.
For taxpayers who’ve not had a chance to file their returns – an apology and a promise from the tax service. The deadline for online submissions will be extended by around a week – to make up for the downtime.
Heartbleed Bug Affects Canada’s Tax FilingThe so called 'heartbleed' has been described as one of the most potent computer bugs ever created. It's a flaw in encryption technology called OpenSSL - estimated to be present in two thirds of web servers.
The bug affects over 30 thousand web servers across China. What’s alarming is that it covers China’s major social network sites, email services, and even banks’ websites, and e-commerce sites.”
The potential loss of user information is one thing. What takes the security glitch to a whole new level is the threat to online bank transactions, and the nearly 3 trillion Yuan that flows through e-commerce sites on a daily basis. With the stakes so high, China’s major internet firms have rushed to plug the problem.
However, some computer security experts don’t believe that repaired web sites are completely secure and say users shouldn’t be feeling safe so soon.
While big internet firms are swift in fixing the bug, many others are still slow in reaction. The red dot shown over here shows every server that still hasn’t fixed the heartbleed bug. That means each dot is an open target for hacker attacks. Experts say it is still too early to calculate the cost of the still evolving crisis.