Is your device vulnerable to Heartbleed?

Are concern about the heartbleed? Security company Lookout has released a free app called “Heartbleed Detector” to help verify if your Android device is at risk.

First question first, What is heartbleed?

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

What versions of the OpenSSL are affected?

Status of different versions:

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.

The bug is not affecting most devices, however, Google admitted that devices running Android 4.1.1, otherwise known as Jelly Bean, can be at risk.

This Android app, Heartbleed Detector scans your device and lets you know if it has been affected by the Heartbleed bug.

Heartbleed Detector will show green if your device is fine:

HB -Safe

 

 

If your device has been affected by the Heartbleed bug, but it’s inactive, it will show you this screen:

HB - Affected

 

And if your device isn’t OK, it will show you this screen:

HB - Danger

 

Download from Playstore

Unfortunately if your device has in fact been affected, there’s nothing much you can do about it other than wait for a fix to be released.

Source: HeartBleed | Business Insider

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s