How To Protect Yourself From ‘Heartbleed’ Bug On Android
This past Monday will go down in the history of the Internet forever, since that was the day when the world came to know of the existence of the crucial security flaw in the OpenSSL library – a bug that allowed attackers to exploit any secure system and collect up to 64k of otherwise-considered-secure information from any server employing the vulnerable SSL protocol; a bug that was dubbed Heartbleed. The fix was released, and almost the entire Internet has patched its servers, but did you know that mobile devices could’ve been affected, too? Well, if you own an Android device, Lookout is here to save you!
The famous mobile security company has released a free app over at the Google Play Store that will allow users to check and verify if their Android is vulnerable to the exploit. The app, named Heartbleed Detector, will check what version of OpenSSL your device is running, and based on the information, advises whether you have been affected or not.
Lookout’s Heartbleed Detector, however, is not a cleaner or fix for the problem. In fact, just as its name goes, it can only detect if the bug affected you, but beyond that, the measures are your own to take. Google has been releasing patches for different versions of Android to OEMs, so the OTA software update that you might have seen (or will see hopefully soon) will fix the problem for you. Meanwhile, Heartbleed Detector will help you put your fears at ease by knowing how much did you lose. If your Android device hasn’t received a patch update notification yet, keep checking back, as Google is pursuing these rather aggressively.
It’s also again advised that don’t change all your passwords just yet – not until you have confirmation that the service in question has patched its servers. Most of the major web services have already employed the Heartbleed fix. Likewise, users of LastPass are also in luck, since the company is taking it upon itself to notify users of compromised passwords, all in good spirit. Hopefully, we’ll be over this nightmare soon, but in the meantime, you should take all the possible measures to ensure your online safety.