It's possible everyone has had their data exposed- Horwitz
Thursday, April 10, 2014 - 03:34
Apr. 10- The heartbleed internet bug is so troubling because it is so hard to track where its been and what its done, says Julia Horwitz of the Electronic Privacy Information Center. Bobbi Rebell report
▲ Hide Transcript
▶ View Transcript
Big warning for pretty much anyone uses the Internet a newly discovered virus being called the Hartley heart -- bug. Is exposing private information to hackers and there's not a lot that can be done at this point that's what's so scary let's talk to Juli -- -- she is the consumer protection council. At Electronic Privacy Information Center so thank you so much for joining us for small. Thank you for having me are what is different about this but how does that work. It works by interfering with that communication between two. Encrypting computers so if there's it and encrypted connection between computers so for example. As there would be fewer transferring. Information -- -- her secure email or something like that. There are a couple layers of code that insure that your data stays secure through impenetrable from. Hackers sewed this bug. Sort pokes a hole and that code and allows. Hackers to. Pretend to be one is that two computers you there at the receiving computer or the sending computer and collect data that way. So how serious are the consequences of what kind of information for example. Is is exposed. The data that the -- it's helpful collect is comes off of your computer's. Temporary memory which means that it could. Contain anything from. You're. Encryption keys -- you're. Email. Information here -- your name in your password. It can contain. Any sort of files or cookies that you had installed on your computer since you last turned it on. So it'll take some random sampling of that data and and send it to the the hacker who heads. Use the loophole provided by the bug so what -- consumers need to know what how to they know even know what communication -- what should consumers be doing. It's a little bit hard to know what to trust because the the encryption software that has the bug in it is the most popular. Form -- wedding correction on the Internet so something like more than two thirds of the Internet. That's encrypted is encrypted using open SSL TLS which is what. But the encryption software. Is some companies like Google Yahoo! FaceBook -- told Reuters that they've taken steps to mitigate the impact. On users I mean how confident are you and that it isn't really going to be enough. What he would you know. I guess here's the troubling thing. This virus is unique in many ways and one of those ways is that it's it doesn't leave a Trace so it's hard Q. Track it and CE one it's been used or where it's been as far as we can tell. It's been in operation for about two years maybe a little more than two years. Which means that. Potentially any of those services that use open us a -- in order to encrypt. Have been exposed to this bug in their Ford the users of those services. And just fine Miami what does this mean for consumers doing business on the Internet having the impact -- I'm sure that consumers -- now how it. Bigger vocabulary and more than knowledge base that that they can ask these questions of the companies that they use military encryption Blake and is it. Is it impervious to bugs I think figure Harwood of Electronic Privacy Information Center and doctor about this -- writers.
Press CTRL+C (Windows), CMD+C (Mac), or long-press the URL below on your mobile device to copy the code