Heart-Bleed Bug

During the process of data transmission through the internet, there are numerous viruses and bugs related risk that face the process, and they increase the risk facing the computer world. One of the latest bugs is the Heartbleed bug, which is a computer security vulnerability in the OpenSSL software which makes it possible for a non-authorized person to manipulate the memory of the data servers of a computer system (Wakefield 19). OpenSSL according to the computer world is the Secure Sockets Layer that is used to encrypting information, therefore, preventing a hacker from eavesdropping while an individual is using the internet; the term open implies that the encrypting is used over a wide range of websites (Cassidy 12).

    The Heartbleed bug works by allowing the hacker to access 64 kilobytes of the memory but in a process that can be done repeatedly and hence enabling the hacker to steal the digital keys of severs and hence they are able to access important personal and company information (Wakefield 23). This is made possible by the hacker sending a Heartbeat with a larger length field compared to the payload and hence the computer will copy extra information in response. Therefore, the user’s sensitive data including their passwords, usernames and even credit information can be intercepted by the hacker and hence leading to losses (Wakefield 24). Further, it is hard to detect the bug because it leaves no trace and thus it can go unnoticed for a long time, which makes it dangerous to internet users. Some of the agencies that have been compromised by the bug include Canadian Revenue Agency and the Community Health System (Cassidy 14). However, the issue can be resolved by replacing the OpenSSL with the Fixed OpenSSL, which is lesser vulnerable to the attack (Wakefield 24).