Professor Makes Unique Observation on Heartbleed Vulnerability

16/04/2014

News image
Professor Bill Buchanan and his research team have made new observations on the Heartbleed vulnerability. With this the team have found that the network traffic contained in the result of a probe for the Heartbleed vulnerabilty can be viewed by anyone observing the data packets on the Internet. These packets are meant to be encrypted, but the bug in the Heartbeat Request, causes the data to be send back in an unprotected form. The capture is here:

http://billatnapier.files.wordpress.com/2014/04/heart02.png

where the details of the memory can be viewed, even through this is meant to be a secure network connection. More details at:

http://asecuritysite.com/encryption/heart3

Other details

An explaination of the vulnerabilty and a demo are at:

http://asecuritysite.com/encryption/heart

and

http://asecuritysite.com/encryption/heart2




 
[Read More]

Associated people

William Buchanan
Director of CDCS
w.buchanan@napier.ac.uk
+44 131 455 2759
Cyber-Security
Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.

Resources