Tragic cases highlight need for safety focus in the Recycling Sector

Given the challenging nature of work, it’s no surprise that the recycling sector is classed as one of the most dangerous to work in, with HSE reporting one of the highest rates of workplace injury and work-related ill-health.

All Posts

SHE Software systems and services unaffected by heartbleed bug

heartbleed

We would like to reassure all our customers that SHE Software systems and services are completely unaffected by the heartbleed security flaw.

Heartbleed emerged this week as a major security flaw at the heart of the internet that may have been exposing users' personal information and passwords to hackers for the past two years.

It is not known how widely the bug has been exploited, if at all, but what is clear is that it is one of the biggest security issues to have faced the internet to date.  Security expert Brue Schneier described it as "catastrophic". "On the scale of one to 10, this is an 11."

You might be aware of the current issues surrounding a vulnerability in the heartbleed extension of OpenSSL, the open-source cryptographic library.  All SHE software systems and services are unaffected, while we do use Linux based load-balancers we do not use the vulnerable extension, so were never exposed to any risk.

Alan Gunn, Customer Service & Product Manager, SHE Software

What is the Heartbleed bug?

The bug exists in a piece of open source software called OpenSSL which is designed to encrypt communications between a user's computer and a web server, a sort of secret handshake at the beginning of a secure conversation.

It was dubbed Heartbleed because it affects an extension to SSL (Secure Sockets Layer) which engineers dubbed Heartbeat.

It is one of the most widely used encryption tools on the internet, believed to be deployed by roughly two-thirds of all websites. If you see a little padlock symbol in your browser then it is likely that you are using SSL.

Half a million sites are thought to have been affected.

In his blog chief technology officer of Co3 Systems Bruce Schneier said: "The Heartbleed bug allows anyone to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the name and passwords of the users and the actual content," he said.

"This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users," he added.

 

For more information on the heartbleed bug and information on improving the robustness of your passwords we recommend visiting this article written by the BBC technology department.

 

SHE Software Ltd
ABOUT THE AUTHOR | SHE Software Ltd
Investing in Health and Safety

Get your free guide to investing in Health and Safety software now!

Our free and impartial guide will help you through the buying process.

Get Your Copy
Recent Posts

Tragic cases highlight need for safety focus in the Recycling Sector

Given the challenging nature of work, it’s no surprise that the recycling sector is classed as one of the most dangerous to work in, with HSE reportin...

Read more

The changing face of health and safety

Health and safety doesn’t happen behind desks. So why are so many of our health and safety processes still desk based? Adopting an agile approach to h...

Read more

Staying Ahead In Health And Safety Management Webinar: Register Your Place

The workforce is rapidly changing and evolving. Digital disruption, coupled with an increasingly mobile and global workforce, has driven a huge shift ...

Read more