Meghan Neal: The Heartbleed Bug Will Lurk in the Internet of Things for Decades

Source: „The internet is still reeling from the Heartbleed bug discovered this week, which ripped a hole in the popular OpenSSL encryption library that left web servers bleeding out buckets of data—and not just any data, the kind of data people had specifically taken pains to protect: private information, passwords, cryptographic keys, security certificates, and so on.
But with all eyes trained on the huge swatch of the web that was found vulnerable to the nasty bug, let's not forget that thousands of network-connected devices, the nascent Internet of Things, are also embedded with OpenSSL. And unlike the Yahoos and Googles, which have already upgraded to the fixed version of OpenSSL, the infrastructure of the web is even less secure. It will be significantly harder to stop the bleeding in hardware devices, experts say, and in many cases will never be patched at all.
Anything from industry IT equipment to home automation systems are vulnerable: wireless routers, cable boxes, security cameras, and an array of smart gadgets.”
 


| More