Billions of Smartphone Users affected by Heartbleed Vulnerability
Billions of Smartphone Users affected by Heartbleed Vulnerability: Heartbleed has left a worst impression worldwide affecting millions of websites and is also supposed to put millions of Smartphones and tablets users at a great risk.
Heartbleed is a critical bug (CVE-2014-0160) in the popular OpenSSL cryptographic software library, that actually resides in the OpenSSL’s implementation of the TLS/DTLS heartbeat extension, which allows attackers to read portions of the affected server’s memory, potentially revealing users data such as usernames, passwords, and credit card numbers, that the server did not intend to reveal.
OpenSSL is a widely-used cryptographic library which implements the SSL and TLS protocol and protects communications on the Internet, and mostly every websites use either SSL or TLS, even the Apache web server that powers almost half of the websites over internet utilizes OpenSSL.
But to assume that the users using desktop browsers to visit websites are vulnerable to the Heartbleed bug, will be wrong. Despite 40-60 billion active Smartphone applications may be sharing some of those same servers or connect to their own group of servers that may also be compromised.