Security concerns have taken the Internet by storm the last couple of days since a new bug called "Heartbleed" has been exposed by Codenomicon, a Finnish security company, and Google.
Heartbleed is an exploit that compromises secure communications using OpenSSL which is typically configured on servers in a *nix environment. The bug has exposed millions of usernames, passwords and reportedly credit card numbers. It was named Heartbleed because it affects an extension to Secure Sockets Layer (SSL) which engineers simply nicknamed Heartbeat. The two companies disclosed knowledge of the Heartbleed bug on Monday, but they noted that it went unnoticed for as long as two years.
SSL is one of the most commonly used encryption tools on the internet, deployed by almost 66% of all websites. If you ever see a little padlock symbol in your browser then it is likely that you are using SSL.
It's as if someone left their house not knowing the lock on the front door was broken.Could someone walk in? Yes. Have they actually walked in? No one knows.
The WebSan cloud is not affected by this issue; we run state of the art security counter measures and ensure our hosting infrastructure is up to date with all security patches as well as SAS70/SSAE16 compliant. Our mandate is to keep your data safe and secure!