Connect with us

Thai Life

Hoping to heal from Heartbleed



Thaiger deals

PHUKET: On April 1, 2014 one of Google’s security team members reported a disturbing discovery. Don’t be misled, what was found to be a very serious security breach affecting half-a-million websites across cyberspace was, in fact, not a computer virus. It was a simple programming code mistake which turned out to have far-reaching implications for, what was thought to be, encrypted information. Meet Heartbleed.

The Heartbleed bug, as it has been grimly named, is a small coding error that somehow remained unseen by those responsible for catching such mistakes. The error was written into a security protocol called OpenSSL which is meant to provide a secure line of communication between networks and other computers and mobile devices. Numerous internet Goliaths such as Amazon, Facebook and Google run this protocol that was intended to keep the sensitive information users decide to share – think passwords, credit card numbers and social security numbers – under lock and key. At this point, it is widely considered one the most serious security breaches in the history of the internet.

Following the discovery of this metaphorical hole in the bucket, a patch was created and released on April 7 to shore up the breach. Internet users can now breathe a little easier, but not quite a sigh of relief. Although the error in the code has been taken care of, the problem was only discovered last month, while it has actually existed since it was implemented in an OpenSSL update on March 14, 2012.

At this point, unless you have already been affected, there really is no way of knowing if a hacking, thieving, scoundrel has acquired your info. Other than changing your online passwords, there is little you can do. What needs to happen is that the websites – about two-thirds of the internet – need to update the certificates and private keys that they use to encrypt communications. Certificates and private keys are used by networks to show you and your computer’s browser that your connection is indeed secure. Ever notice the little padlock beside a website’s address in your browser? That’s the verification symbol showing security authenticity.

However, this does not happen with the click of a button – to recreate and employ certificates and private keys takes time and effort. For instance, Google took the necessary steps to protect their users right away, but smaller networks without nearly infinite resources at their disposal like Google may struggle to do the same. Keep in mind that Heartbleed is not a virus on your computer so your machine itself is not compromised.

But wait, there is more. Another risk posed by Heartbleed is the explicit possibility that some cyber-villain could actually get a hold of a network’s private key and impersonate it. By creating, say, a fake sign-in page for a site that you navigate to and using the private key for that site, your computer would not be able to distinguish it from the authentic one, therefore allowing the online reprobate to grab your precious info.

For many websites, it may be unclear whether they have been affected by Heartbleed. Several websites (such as this one) have posted a list of some popular sites with their status regarding security.

The best approach to begin protecting yourself is to identify the sites you frequent most, especially the most sensitive ones like online banking, and find out if they have been affected and, if so, have they taken steps to secure themselves. If they did not implement OpenSSL to begin with, you are not at risk and do not need to take action. If they were affected, but are now secure, change your password immediately. In the case that a site has important information of yours, has been affected, but is not yet secure, do not bother changing your password until they have taken the necessary steps to keep your info safe.

More news will surface regarding Heartbleed and more people will be affected. For now, don’t be lazy, be proactive and do what needs to be done to protect yourself.

— Jeremie Schatz


Get more from The Thaiger

Join the conversation and have your say on Thailand news published on The Thaiger.

Thaiger Talk is our new Thaiger Community where you can join the discussion on everything happening in Thailand right now.

Please note that articles are not posted to the forum instantly and can take up to 20 min before being visible. Click for more information and the Thaiger Talk Guidelines.

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Archiving articles from the Phuket Gazette circa 1998 - 2017. View the Phuket Gazette online archive and Digital Gazette PDF Prints.

Follow Thaiger by email:

Economy35 mins ago

Thai baht soars to six-month high against US dollar

Pattaya42 mins ago

Motorcycle taxi riders rally against unlicensed ride-share app drivers in Pattaya

Pollution1 hour ago

Over 100 tonnes of garbage estimated near Phuket Fishing Port

Sponsored8 hours ago

Where you can get cannabis in Bangkok

Thailand1 hour ago

Stop giving monkeys cigarettes, beg locals in Lop Buri, Thailand

Thailand2 hours ago

World Cup broadcasting soap opera drama rumbles on

Transport2 hours ago

Thai Vietjet plans new routes to China, India, Japan, Vietnam

Join the conversation on the Thaiger Talk forums today!
Crime2 hours ago

Police arrest weight loss pill executive for causing 4 deaths in Thailand

Phang Nga3 hours ago

Phang Nga officials find more leatherback turtle eggs

Tourism3 hours ago

Thai AirAsia Melbourne and Sydney connections take to the air

Bangkok3 hours ago

Fireworks to dazzle Bangkok’s Chao Phraya River area on New Year’s Eve

Medical3 hours ago

Resurgence of AIDS in Thailand overshadows UNAIDS summit

Phuket4 hours ago

Thai VietJet cancels Phuket – Bangkok flight last minute over 1 extra passenger

Food4 hours ago

Thailand’s top cheesemaker toasts his own success

Crime4 hours ago

New details unfolding over alleged assault by Pattaya loan sharks

Hot News5 hours ago

Family of man who died after a hair transplant warns others to avoid cowboy clinics

Thailand1 year ago

Morning Top Stories Thailand | Police to end protests, Human Trafficking | September 14

Thailand2 years ago

Thailand News Today | Thai Airways in rehab, All go for Songkran | March 4

Tourism2 years ago

Phuket’s nightlife. Yes, bars and clubs are still open | VIDEO

Phuket2 years ago

Thailand News Today | Covid passport talks, Thai Airways heads to court | March 2

Tourism2 years ago

Phuket Thai food treats you need to try | VIDEO

Thailand2 years ago

Thailand News Today | Bars, pubs and restaurants ‘sort of’ back to normal | Feb 23

Tourism2 years ago

In search of Cat & Dog Cafés in Phuket Town | VIDEO

Thailand2 years ago

Thailand News Today | Gambling crackdown, Seafood market to reopen, Vlogger challenge | Jan 21

Thailand2 years ago

Thailand News Today | Covid testing for visas, Business impact, Vaccine approval | January 19

Thailand2 years ago

Thailand News Today | Weekend Bangkok bombs, Thailand fires, Covid update | January 18

Thailand2 years ago

Thailand News Today | Stray car on runway, Indonesian quake, 300 baht tourist fee | January 15

Thailand2 years ago

Thailand News Today | Governor off respirator, sex-trafficking arrest, condo prices falling | January 14

Thailand2 years ago

Thailand News Today | Chinese vaccine, Thailand ‘drug hub’, Covid update | January 13

Thailand2 years ago

Thailand News Today | Bangkok may ease restrictions, Phuket bar curfew, Vaccine roll out | January 12

Thailand2 years ago

Thailand News Today | Covid latest, Cockfights closed down, Bryde’s Whale beached | January 11