Despite Akamai ‘Heartbleed’ Fix, SSL Security Remains in Question

World News Stand April 16, 2014 0

heartbleedWhen it was announced last week that there is a gaping hole in SSL encryption technology, web users and web businesses were understandably a bit freaked out. OpenSSL has long been viewed as the gold standard of anti-crime technology for two-thirds of the web, so it’s no surprise that everybody from Amazon to Tumblr has been rushing to protect their customers, not to mention their bottom-line.

When Akamai, one of the web’s biggest network providers, released a patch that it said would fix OpenSSL’s vulnerabilities, the worldwide web breathed a collective sigh of relief. The problem? As a blog post from Akamai’s CSO Andy Ellis published on Sunday states, the patch, once thought to be a panacea, is really only a partial, temporary fix. There are six critical values in OpenSSL that need to be addressed to completely plug the security leak. Akamai’s patch only addresses three.

What’s the Hold-up?

Before ‘Heartbleed’ was discovered, industry analysts expected eCommerce to jump to $1.5 trillion in 2014. However, if this issue with OpenSSL is not fixed and consumer financial information remains vulnerable to cyber-attacks, it stands to reason that confidence in online shopping will take a significant hit. It’s no wonder, then, that many in the industry are wondering just what the hold up is with getting this issue fixed.

The answer is that the fix is far more complicated than originally thought. On the one hand, webmasters have to make an effort to patch OpenSSL and retrieve new certificates. Facebook, Amazon, and others have already taken this step. On the other hand, once a site has been patched, consumers need to take the extra step of changing their passwords. This second step, the one that requires action by the consumer, is where the issue lies. Many consumers don’t like the hassle of changing their passwords, but even if they’re willing to do so, how do they know when the time is right? The Qualys SSL Server Test is a free tool consumers can use to make sure their favorite sites have properly patched their security.

‘Heartbleed’ Jumps from the Web

Unfortunately, even after big web companies and their consumers have taken necessary steps to deal with ‘Heartbleed,’ chances are that a huge body of consumers will remain vulnerable. As The Guardian reports, routers, smartphones, and other mobile technologies will remain vulnerable to ‘Heartbleed’ until tech companies make the security of those platforms a priority, something many believe won’t be happening anytime soon. Most, in fact, say that software development companies will leave most mobile platforms and their users vulnerable. For the time being, it seems, web users need to be more vigilant when shopping online.

What do you think of the ‘Heartbleed’ bug? Will it stop you from buying online?

Tags:

More Stories

Finding Rover App Helps Puppies Reunite With Their People Parents

Finding Rover App Helps Puppies Reunite With Their People Parents

World News Stand January 18, 2016 0

New Studies Find That Mobile Phone Data Can Be Used to Track Spread of Infectious Diseases

World News Stand August 31, 2015 0

Why Did a Blank, 4-Minute Video Get 100,000 Views?

World News Stand August 27, 2015 0

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

Parking Lot

The Impact of Lighting Design on Parking Area Security and Usability

admin April 18, 2024 0
culture impact

Examining the Cultural Impact of Common Jobs Across the Globe

admin July 31, 2023 0

How a Commercial Building Exterior Remodel Can Get More Customers in the Door

admin June 12, 2023 0

How You Can Help Victims of the Turkey-Syria Earthquake

admin February 14, 2023 0

Looking for a Popular American Home Project? Try These 8 Projects!

admin September 21, 2022 0