At least 2 percent of Internet's IP addresses are vulnerable to Heartbleed
A prominent security firm has found that 2.1 percent of IP addresses on the Internet are still vulnerable to the dangerous encryption flaw dubbed the Heartbleed bug.
Heartbleed bug is an encryption flaw that allows attackers to read previously encrypted information like emails and passwords. An attacker could even gain access to encryption keys and thus be able to look back at a user’s Web previously encrypted traffic as long as it had it been recorded. The bug has been called “catastrophic” and at one point affected the security of up to two-thirds of the Web.
Errata Security looked at 28 million IP addresses—the unique numbers that identifies the computer network computers use to connect to the Internet—with valid SSL connections in search of the bug.
Of those 28 million, only 615,134 machines were found to be vulnerable to the Heartbleed bug as of this morning, according to Robert Graham at Errata Security.
Additionally, 330,531 machines had heartbeats—the functionality that the bug takes advantage of—enabled but did not fall victim to the attack, leading Graham to believe they’d been patched before the scan began last night.
Graham includes one caveat, however: Of those 28 million IP addresses scanned, millions may redirect to a "single load balancer." In other words, the percentage of independent IPs affected by the bug may actually be higher than 2 percent.
For regular users, the best way to combat the bug is to make sure all of your software, and especially your Web browser, is up to date. And to be extra secure, you might want to update all your passwords.
Illustration by Fernando Alfonso III
Japan accepts U.S. giant-robot battle challenge
What a time to be alive.14k
The Philae comet lander may have discovered alien life
Don't get too excited just yet. The findings haven't been verified.5.7k
South Carolina State Senate votes to take down Confederate flag
The vote sets up another vote and then an almost-certain signature by the governor.4.3k
Download the 5 best rap mixtapes of 2015
Catch up with stellar releases from T-Pain, Future, and others.
Counter-Strike squad affNity signs with 3sUP
3sUP is best know for its Call of Duty outings.122