Google Knew About Heartbleed Bug But Kept it Hidden?
By Precious Silva | April 30, 2014 9:49 AM EST
The Heartbleed bug has caused quite a ruckus for the past few weeks. Many websites were affected even top pages like Google, Facebook and Yahoo. The Heartbleed bug poses threat to websites using OpenSSL encryption protocol. This means hackers can attack networks, intercept communication and access confidential and personal information. According to recent reports, Google may have found out about the earlier but chose to keep it hidden. What really happened?
Google's vice president of data centres Joe Kava gives a speech during the opening ceremony of the Google data centre in Changhua Coastal Industrial Park, central Taiwan, December 11, 2013. Google Inc. said on Wednesday it will double its planned investment to $600 million for its data centre in Taiwan to cater to the world's fastest growing technology consumer markets. REUTERS/Pichi Chuang
According to The National Journal, Google may have gotten a good head start fixing the Heartbleed bug but chose not to disclose it. According to the report, the internet giant may have found out about the bug last March but failed to inform anyone.
To a certain extent, this does not come as a surprise. Most tech and website companies work on patching security flaws and services before disclosing it to the public. However, according to The National Journal: "keeping the bug secret from the U.S. government may have left federal systems vulnerable to hackers."
Google kept silent regarding the bug although "the government encourages companies to report cybersecurity issues to the U.S. Computer Emergency Readiness Team, which is housed in the Homeland Security Department," the report notes.
Although Google may have earned a few frowns from the government for keeping the bug a secret, users of the search engine and its related services can find it assuring that the company has started addressing the threat. Google has been patching its services to avoid confidential information from getting hacked. Over the last few weeks, website and tech firms will be working on their security certificates to protect networks against possible attacks.
CNET has compiled a list of websites offering updates which ones have been patched and which ones remain safe. Users can wait for updates from the websites they use about what to do next for Heartbleed.
To contact the editor, e-mail: