We all know that a security bug named Heartbleed has already bitten yahoo mail, the Canada revenue and other web service. Even this bug causing heartache on more than hundreds of severs all over the internet, security researchers also warned that this security bug also allows direct hacks of Android.
Ars Technica explains very well about how your Google powered Android devices could be affected by Heartbleed. As there are lots of tweaked and forked versions of the Android version out there, it's very tough to provide a list of devices which are affected by this security bug.
But the good new is that there is a free android available over google play store i.e. Heartbleed Detector developed by Lookout Mobile. In this article I will cover thing you need to know about this Android app.
Heartbleed Security Scanner?
Heartbleed Security Scanner for Android helps detect whether your Android device is affected by the Heartbleed bug in OpenSSL and whether the vulnerable behavior is enabled.
This application is developed by Lookout, the leading mobile security company that builds security & antivirus technology that protects people, business, governments, and critical infrastructure from the growing threats in the post-PC era.
How it Works?
Heartbleed Security Scanner works by determining what version of OpenSSL your device is using. If your device uses one of the affected versions of OpenSSL, we then check to see if the specific vulnerable feature called heartbeats is enabled.
How to Use it?
Download and open this app and run it, It will let you know whether your gadget holds the defenseless form of Openss that Heartbleed influences. It will likewise let you know whether the Heartbeat extension that has the coding bug is empowered. In the event that you don't have the powerless variant, or you do, however the extension isn't empowered, you ought to be okay. Else, you better hold tight and act painstakingly until your OS is fixed.
When I executed this app on my device running on Android 4.3, which returned the screenshot below.
You can also follow below tips which are shared by security experts contacted by CNET to make sure your information is protected:
- Do not log into accounts from afflicted sites
- Once you've got confirmation of a security patch, change passwords of sensitive accounts like banks and email first.
- Don't be shy about reaching out to small businesses that have your data to make sure they are secure.
- Keep a close eye on financial statements for the next few days.
Considerably in the wake of emulating these rules, there is still a few hazard in surfing the Web in the wake of the bug. Heartbleed is even said to influence program treats, which track clients' action on a site, so actually going to a powerless site without logging in could be dangerous.
Give a try to above application and tips. Don't forget to share your experience with us regarding Heartbleed