Thu,Apr 10,2014
'Model husband' shatters image of love
Can animals smile? Or put on a happy face
Geng Xuan crowned at 9th China Super Model Contest
Top 10 billionaires in the liquor industry
Backstage at China Fashion Week
Ballerinas anywhere but onstage
Top 10 safest airlines in the world
Posters of 33rd HK Film Awards unveiled
Top 10 most popular instant messaging apps in the world
Inspiring shadow images of Chinese army
THE heart of the Internet is “bleeding” from a bug in widely-used encryption technology, according to security experts.
The online threat, code-named Heartbleed, could affect millions of Chinese computer users by exposing their passwords, credit card numbers and other sensitive information to potential theft by computer hackers.
“Heartbleed is the No. 1 online threat this year,” said Shi Xiaohong, a security expert with Qihoo 360.
Shi likened it to a “nuclear crisis in the Internet landscape” due to its potential for damage.
More than 30 percent of domestic websites requiring web log-ins — covering online payment, e-commerce, online bank and e-mail services — have been affected by the bug. Users can’t protect their information if they have used the services of websites with OpenSSL encryption technology, even if their computers are well protected by anti-virus tools, according to Qihoo 360.
The security researchers who uncovered the threat are particularly worried about the breach because it had gone undetected for more than two years. Hackers may have been exploiting the problem over that period.
Domestic websites, including Taobao, the online shopping site, and train ticket site12306.cn, and global sites such as Yahoo were found to have the bug. By yesterday evening, most websites had been upgraded to fix the bug.
“All of our websites, including Taobao, Alipay and Tmall are safe now with system upgrading,” Alibaba said.
Beijing-based Qihoo 360 sent alerts to around 120,000 website owners in China urging them to upgrade their systems.
The Heartbleed bug was found by Google Inc and US security firm Codenomicon, and prompted the US government’s Department of Homeland Security to advise businesses to review their servers to see if they were using vulnerable versions of OpenSSL, Reuters reported.
Ordinary computer users are advised to change passwords or at least not to access websites that haven’t been upgraded.
Yahoo, which has more than 800 million users worldwide, said most of its most popular services — including sports, finance and Tumblr — had been fixed, but work was still being done on other products it didn’t identify.
In a statement, it said it was “continuously working to protect our users’ data.”
Wonderful moment of China's airborne forces
Bai Baihe shoots for fashion magazine
Red terraced fields in Dongchuan of Yunnan
Jiaju Tibetan Village
Spring dating
Confucius institute at UC Davis
Little painted faces at temple fair
Top 10 safest airlines in the world
Foreign students at China-Myanmar border
The backstage of the Fashion Week
College students in Han costumes
Postgraduate works as waitress
Life in a Lahu village in Yunnan
An orphan’s wedding
Hollywood documentary brings Diaoyu Islands truth to new audienceDay|Week|Month
