Thursday, April 17, 2014

Cleardocs customers not affected by Heartbleed security bug

Ercan Barlas, Technical Lead

I am sure that by now you have heard of the Heartbleed bug which is a serious vulnerability in the popular web encryption program known as OpenSSL.  Well you will be pleased to know that Cleardocs customers were not at anytime susceptible to the HeartBleed Bug.  The infrastructure used on the Cleardocs servers has assured this and prevented any customer information from being compromised.
While you can rest assured that Cleardocs is not affected you still need to be cautious of other online services which you use that may have been affect.  In the simplest terms this bug may have exposed your password to attackers.  McAfee a popular security software company provide a website where you can check if any of the sites you have an account with are affected (  If you find that a site was affected it is highly advisable that you change that password especially if you use the same password for other services.
Why is this bug so serious?  
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users.

+Cleardocs Thomson Reuters


No comments:

Post a Comment