Close Search
 
MEDIA, JOBS & RESOURCES for the COMMON GOOD
News  | 

Pro Bono Australia Safe from Heartbleed Vulnerability


14 April 2014 at 12:20 pm
Staff Reporter
Pro Bono Australia’s website has not been affected by the Heartbleed security vulnerability that has compromised many password secure websites across the world.

Staff Reporter | 14 April 2014 at 12:20 pm


0 Comments


 Print
Pro Bono Australia Safe from Heartbleed Vulnerability
14 April 2014 at 12:20 pm

Pro Bono Australia’s website has not been affected by the Heartbleed security vulnerability that has compromised many password secure websites across the world.

Pro Bono Australia Technical Operations Manager Ben Dechrai said the Heartbleed security vulnerability was the result of a change made in December 31, 2011 to the underlying piece of software used for creating secure certificates, such as the ones used to give a padlock on secure websites.

“Almost two and half years later, this line of code was found to create a vulnerability in the software that essentially means any website using this software to provide secure communications may as well not have been protected,” Dechrai said.

“In fact, the vulnerability has even been found to allow others to assume the identity of another secure website completely.

"Visits to these imposters would result in your browser assuring you they were legitimate. Most frustrating of all, the original site operators would have no indication in their auditing or logging systems that this had occurred.”

Dechrai said Pro Bono Australia was running on a version of OpenSSL that wasn’t affected by this vulnerability, however advised that if a Pro Bono Australia user had the same password on any other system that might be affected, they should change their password.

Dechrai recommended that people change passwords with every single website provider.

“It's important to note that, if you change any details, such as your passwords, on sites that were affected, you must do this after you know they have fixed the issue. Do it beforehand, and you might be giving the new details to someone else,” he said.

“If you use the same password across multiple services, and just one of those services has been compromised, I recommend you change the password on all services. I also recommend you use a different password for every service.”


Staff Reporter  |  Journalist  |  @ProBonoNews



Get more stories like this

FREE SOCIAL
SECTOR NEWS


YOU MAY ALSO LIKE

Following in one charity’s AI-powered footsteps

Ruby Kraner-Tucci

Wednesday, 29th March 2023 at 4:09 pm

Preparing the NFP sector for Privacy Act and cybersecurity reforms

David Spriggs

Monday, 27th March 2023 at 1:37 pm

There’s no need to fear, cryptocurrency is here

Ruby Kraner-Tucci

Wednesday, 22nd March 2023 at 1:20 pm

Recognising the sector’s excellence in technology

Contributor

Tuesday, 21st February 2023 at 9:37 am

pba inverse logo
Subscribe Twitter Facebook
×