How to Check if Your Android Device is Vulnerable to Heartbleed
By Judith Aparri | April 15, 2014 4:52 PM EST
The Canada Revenue Agency website is seen on a computer screen displaying information about an internet security vulnerability called the "Heartbleed Bug" in Toronto, April 9, 2014. Right in the heart of tax-filing season, the Canada Revenue Agency (CRA) shut down access to online tax services on April 9, 2014 because of an Internet bug that has made data on many of the world's major websites vulnerable to theft by hackers.
The bad news is that the infamous bug is not quitting yet. The security bug might already have been on your favorite Web sites and even affect mobile devices, baring your sensitive login details such as passwords. Heartbleed lets anyone get into a Web site and easily access its contents, passwords and encryption keys.
Web sites have their own way of protecting their contents against any attacker such as a virus, hacker or spammer who could simply make a mess out of the online contents, read confidential data or eavesdrop on communications like emails and chats.
One security method, used by Web sites called OpenSSL, has a version vulnerable to attack and anyone exploiting the bug can leave without a trace. This means those who have ever used any of these vulnerable OpenSSL versions were not secure.
As in the part of Google, it has announced its key services are patched, and cited Android to be unaffected, except those running Android 4.1.1 Jelly Bean. This mobile OS version was released in 2012 and still being used by famous mobile devices like tablets and smartphones manufactured by Samsung, HTC Corporation and other OEMs.
According to statistics, 34 percent of Android units are using 4.1 OS variations. Google said out of active Android devices, less than 10 percent are susceptible and there are 900 million devices worldwide that run Android.
Google already sent a fix to its partners. The trouble is, however, if its partners have already implemented it with carriers testing and updates. The partners and carriers hopefully are fixing this quickly with all the issues of Heartbleed in circulation these days.
You can check yourself if your Android unit is at risk. Find out what Android version is running on your device. Go to Settings -> About Phone. Also, Lookout, a security firm, released a free app to help you check if your device is vulnerable to Heartbleed and give you results. The downloadable app is called Heartbleed Detector.
If your device is affected, you need updates that bring in the fix. Check for those in Settings -> About -> Software update.
To contact the editor, e-mail:
Join the Conversation
Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT latest_id FROM site_artdata WHERE type='ib_articles_day2ago' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT tid as num FROM biztimes_stats.stats_articles_au_pop WHERE maincat_id='6' AND outkey='Y' AND tid> ORDER BY hits DESC LIMIT 15Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT article_id as num FROM ib_categories_index WHERE tid=6 ORDER BY article_id DESC LIMIT 5
Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT latest_id FROM site_artdata WHERE type='ib_articles_day2ago' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT tid as num FROM biztimes_stats.stats_articles_au_pop WHERE (maincat_id='1' OR maincat_id='2' OR maincat_id='6' OR maincat_id='7' OR maincat_id='9' OR maincat_id='24') AND local_id='0' AND typology_id<'11' AND tid> AND outkey_all='Y' ORDER BY hits DESC LIMIT 17Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT * FROM table_info WHERE table_name='ib_articles' LIMIT 1Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT id as num FROM ib_articles ORDER BY id DESC LIMIT 5