BlackBerry, Others Working to Fix Heartbleed Scare
NEW YORK (TheStreet) -- If you've yet to be moved to action by all the warnings about the current Heartbleed computer security threat, there is still time to begin paying attention. Many of the major computer and smartphone manufacturers are taking the problem quite seriously.
BlackBerry (BBRY) has joined the ranks of other technology companies including Cisco (CSCO), Hewlett Packard (HPQ), Oracle (ORCL), IBM (IBM), Intel (INTC), Red Hat (RHT) and a long list of others in preparing quick fixes for the problem.
BlackBerry shares were gaining 1.82% to $7.27 in early New York trading on Tuesday.
The U.S. government is also taking the threat seriously. Late last week, banks and other business were warned to be on alert for problems resulting from the latest computer bug.
Heartbleed is a recently recognized computer software flaw which can allow the bad guys to attack a Web site's OpenSSL security system. For instance, when you fill-out an online form and your Web browser shows a "certified, secure" Internet address which begins with "https://.." that "s" stand for secure. Those are the sites the Heartbleed bug can attack. The bug could make your secure transaction information available to hackers.
Heartbleed gets its name from the fact that it attacks a portion of the OpenSSL code known as "Heartbeat."
A repaired version of the OpenSSL protocol was released last week but "secure" Web servers might still be vulnerable. A U.S. government spokesperson recommended that "people should take advice on changing passwords from the Web sites they use ... Most Web sites have corrected the bug and are best placed to advise what action, if any, people need to take."
Many sites have already released patches but the possibility remains that other sites could still be affected. Experts believe the problem could also affect data centers and also devices running on Apple's (AAPL) iOS and Google's (GOOG) Android operating systems.
Open SSL is also an integral part of BlackBerry messaging system, not only for its own devices but also for its popular, new software running on iOS and Android devices. BlackBerry now plans to release its security update to fix the problem by the end of this week.
A BlackBerry spokesperson told Reuters that while most of its servers are not affected by the bug, two of its widely used products (Secure Work Space for corporate email and BBM messaging for Android and iOS) could be vulnerable if hackers gain access through a Wi-fi or carrier connection. BlackBerry admits the level of risk "extremely small."
Experts believe Heartbleed has actually been around for years but as of yet has not been widely exploited. So far, there have been no reports of successful attacks using the security flaw. Then again since a Heartbleed attack leaves no traces those experts aren't completely sure.
To protect your computers, servers, smartphones and tablets find and apply any and all security patches offered by trusted sources.
-- Written by Gary Krakow in New York.
To submit a news tip, send an email to firstname.lastname@example.org.