We've all heard about the Heartbleed bug that affected a big number of servers in the last 2 days, but what is really this bug ?!

The problem affects a peace of software called OpenSSL, used for security for popular Web servers. WWith OpenSSL, websites can provide encrypted information  to visitors, so the data transferred cannot be seen by other when it goes from your computer to the Website. 

The problem is that the version 1.0.1 of OpenSSL contains a bug that allows for a person to retrieve information on the memory of the Web server without leaving a trace. 

Heartbleed exploit a built-in feature of OpenSSL called heartbeat. 
When your computer accesses a website, the Website will response back to let your computer know that is active and listening to for your requests: This is the heartbeat.
Normally when your computer makes a request, the heartbeat will only send back the amount of data your computer sent. However, this is not the case for servers currently affected by the bug. The hacker is able to make a request to the server and request data from the server's memory beyond the total data of the initial request, up to 65,536 bytes.

The data that lives beyond this request "may contain data left behind from other parts of OpenSSL," according to CloudFlare. What's stored in that extra memory space is completely dependent on the platform. As more computers access the server, the memory at the top is recycled. This means that previous requests may still reside in the memory block the hacker requests back from the server. Just what might be in those bits of data? Login credentials, cookies and other data that may be exploitable by hackers.

No comments