sincity Posted June 6, 2014 Share Posted June 6, 2014 http://cdn.mos.techradar.com/art/other/rusty-padlock-470-75.JPGThe Heartbleed flaw discovered in OpenSSL was one of the worst web vulnerabilities in history, but believe it or not it may already have been dethroned.Even more incredible is the fact that once again, OpenSSL may be to blame.The "CCS Injection Vulnerability" was discovered by Tatsuya Hayashi, who said it "may be more dangerous than Heartbleed," according to The Guardian.Attackers can reportedly use this weakness to intercept and even alter data passing between computer and websites in a classic man-in-the-middle maneuver as long as they're on the same network, like a public Wi-Fi hub.Hopelessly flawedThe flaw was reportedly introduced into the OpenSSL encryption standard 16 years ago, when OpenSSL was introduced in 1998, but it's only just been discovered.It affects all past versions of OpenSSL and servers running OpenSSL 1.0.1 or the beta version for 1.0.2.Meanwhile it's not even the only flaw to be uncovered this week - another one allowed hackers to send malicious code to machines running OpenSSL, and it was reportedly added four years ago by Robin Seggelmann, the same dev who created Heartbleed.The OpenSSL open source project has already issued a patch, but this newest discovery has nevertheless revived the question of whether it's time to kill OpenSSL once and for all.You may want to check TechRadar's list of the best free antivirus softwarehttp://rss.feedsportal.com/c/669/f/415085/s/3b3eb6d0/sc/5/mf.gifhttp://da.feedsportal.com/r/199119429284/u/49/f/415085/c/669/s/3b3eb6d0/sc/5/rc/1/rc.imghttp://da.feedsportal.com/r/199119429284/u/49/f/415085/c/669/s/3b3eb6d0/sc/5/rc/2/rc.imghttp://da.feedsportal.com/r/199119429284/u/49/f/415085/c/669/s/3b3eb6d0/sc/5/rc/3/rc.imghttp://da.feedsportal.com/r/199119429284/u/49/f/415085/c/669/s/3b3eb6d0/sc/5/a2.imghttp://pi.feedsportal.com/r/199119429284/u/49/f/415085/c/669/s/3b3eb6d0/sc/5/a2t.imghttp://feeds.feedburner.com/~r/techradar/software-news/~4/unqsN-jU4A0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.