Heartbleed panic: Web bug causes security alert | Bangkok Post: learning

Learning > Learning From News (เรียนภาษาอังกฤษจาก ข่าวบางกอกโพสต์)

Heartbleed panic: Web bug causes security alert

Level switch:
  1. Advanced
- +

A software bug in a popular open source security program has sparked a frantic rush to secure essential computer servers around the world. 

Please join us on our Facebook page http://www.facebook.com/bangkokpostlearning

One of the most visited websites these days is http://heartbleed.com/, set up to help website managers deal with what is potentially a very serious software bug.

'Heartbleed' bug puts encrypted data in danger

SAN FRANCISCO, AFP — Trust in the Internet took a major blow on Tuesday as alarm spread that software commonly used to encrypt and secure online transactions could wind up giving away the store.

Computer security specialists, website masters, and fans of online privacy were worriedly abuzz with word of a freshly-discovered flaw in online data-scrambling software that hackers can turn to their advantage.

A bug dubbed "Heartbleed" in OpenSSL encryption software lets attackers illicitly retrieve passwords and other bits of information from working memory on computer servers, according to cyber-defense specialists at Fox-IT.

"Expect everybody who runs an https web server to be scrambling today," the Tor Project said in a warning posted at its website.

"If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle," it said.

OpenSSL is used to protect passwords, credit card numbers and other data coursing through the Internet.

Information considered at risk includes source codes, passwords, and "keys" that could be used to impersonate websites or unlock encrypted data.

OpenSSL is used by more than half of websites, but not all versions have the vulnerability, according to heartbleed.com.

The group behind open-source OpenSSL put out a security alert urging users to upgrade to an improved version of the software and gave credit for finding the bug to Neel Mehta of Google Security.

Part of the announcement that appeared on the website of the Canada Revenue Agency (CRA).

While it is not yet known whether hackers have exploited Heartbleed, operators of websites that used the vulnerable version of OpenSSL need to switch to secure versions.

By late Tuesday, software patches and updates were being rushed out.

Meanwhile, some website managers were taking extreme precautions to prevent compromising essential data.

Canada's tax agency shuttered its website Wednesday after warning that encrypted taxpayer data could be vulnerable to the "Heartbleed" bug.

The Canada Revenue Agency (CRA) said the decision, which comes only three weeks before the annual income tax filing deadline, was taken as a "preventative" measure.

Learn from listening

Click "play" to listen to Heartbleed panic: Web bug causes security alert and "Download" to keep this file for educational purpose.

Vocabulary:

abuzz: filled with noise and activity - เต็มไปด้วยเสียงดังอึกทึก

advantage: a condition giving a greater chance of success - ความได้เปรียบ

alarm: fear and anxiety that somebody feels when something dangerous or unpleasant might happen or has happened - ความกังวล

alert: a warning to people to be prepared to deal with something dangerous - การเตือนให้ระวัง

anonymity: when someone's name is not given or known - การไม่ระบุชื่อ

at risk: in danger - ตกอยู่ในความเสี่ยง

blow: an event that damages your chances of success - สิ่งที่ทำให้เกิดความเสียหาย

bug: a fault in a machine, especially in a computer system or program - ความบกพร่อง, ข้อผิดพลาด

compromise: to risk harming or losing something important; to reduce in quality, value, or degree; to weaken or lower - ยอมอ่อนข้อ

credit: to believe or say that somebody/something is responsible for doing something, especially something good - ให้เกียรติ, ยกย่อง, ให้เครดิต

cyber-: connected with electronic communication networks, especially the Internet - ไซเบอร์, คำนำหน้าหมายถึงคอมพิวเตอร์

dubbed: given a name - ตั้งฉายา, ตั้งชื่อเล่นให้

encrypt: to put information into a special code, especially in order to prevent people from looking at it without authority - เปลี่ยนข้อความให้เป็นรหัส

encryption: when messages sent between use a secret code so that others cannot read the message - เปลี่ยนข้อความให้เป็นรหัส, การนำข้อความมาทำให้เป็นรหัส

essential: necessary - ที่จำเป็น

exploit: to use unfairly for your own benefit - เอาเปรียบ, หาประโยชน์ใส่ตัว

extreme: very great in degree - ที่สุด

flaw: a fault; something wrong with something - ข้อบกพร่อง

hacker: a person who secretly finds a way of looking at and/or changing information on somebody else's computer system without permission - ผู้ที่มีความชำนาญในการใช้คอมพิวเตอร์ไปในทางที่ผิดกฎหมาย เช่น แอบขโมยข้อมูลจากคอมพิวเตอร์ในเครือข่าย

illicit: against the law - ผิดกฎหมาย

impersonate: to pretend to be somebody/something in order to trick people or to entertain them - เลียนแบบ, แกล้งทำเป็น, ปลอมเป็น

improve: to get better - ดีขึ้น

meanwhile: at the same time - ในเวลาเดียวกัน

open-source: computer software or other material that people are free to use and change to make new ones themselves - โอเพนซอร์ส [ซอฟต์แวร์โอเพนซอร์ส Open source software คือ ซอฟต์แวร์ที่เปิดแผยหลักการหรือแหล่งที่มาของเทคโนโลยีของซอฟต์แวร์นั้นให้บุคคลภายนอกได้ใช้

operator: a person or company that runs a business - ผู้ดำเนินกิจการทางธุรกิจ, ผู้ประกอบธุรกิจ

patch: a small piece of code (= instructions that a computer can understand) which can be added to a computer program to improve it or to correct a fault - การเแก้ไข

potentially: possible in the future - ที่อาจเกิดขึ้นได้

precaution: an action taken to protect people or things against possible harm or trouble - การป้องกันไว้ก่อน

privacy: the freedom to do things without other people watching you or knowing what you are doing - ความเป็นส่วนตัว

retrieve: to recover; to get something back, especially something that is not easy to find - ได้กลับคืนมา

rush: to move or do something very quickly - รีบเร่ง, วิ่ง

scramble: to move quickly but with difficulty; to take quick action to solve a problem - ทำอย่างรีบเร่ง

scramble: to change the way that an electronic message is sent so that only people with special equipment can understand it -

secure: to make something safe - ทำให้ปลอดภัย

secure: safe from attack or harm - ปลอดภัย

server: computer hardware and software that performs some service for all the computers on a network - เครื่องบริการ, ตัวบริการ๒. โปรแกรมบริการ [คอมพิวเตอร์]

shutter: to close, especially a business - ปิดตัวลง

source code: a set of instructions for a computer program that a computer programmer understands and that are translated into instructions that a computer understands - รหัสต้นฉบับ, รหัสต้นทาง, ซอร์สโค้ด

specialist: a person who is an expert in a particular area of work or study - ผู้ชำนาญเฉพาะทาง

spread: to gradually affect or cover a larger area - แพร่กระจายไปทั่ว

transaction: a business dealing - การติดต่อทางธุรกิจ

trust: a feeling of confidence in someone that shows you believe they are honest, fair, and reliable - ความเชื่อใจ, ความไว้วางใจ

upgrade: to make a project, a piece of machinery, computer system, etc. more powerful and efficient - ยกระดับ

vulnerability: a weakness; a weakness that makes someone/something easy to attack - ความอ่อนแอ, ข้อบกพร่อง

vulnerable: easily damaged or harmed - ซึ่งถูกทำลายได้ง่าย

warning: an action or statement telling someone of a possible problem or danger - คำเตือน, การเตือน

wind up: to find yourself in a particular place or situation - อยู่ในสถานการณ์

More on this topic

Related search: Heartbleed, web bug, OpenSSL

Bangkok Post online classifieds

Try buying & selling goods and properties 24/7 in our classifieds which has high purchasing power local & expatriate audience from within Thailand and around the world.

0 people commented about the above

Readers are urged not to submit comments that may cause legal dispute including slanderous, vulgar or violent language, incorrectly spelt names, discuss moderation action, quotes with no source or anything deemed critical of the monarchy. More information in our terms of use.

Please use our forum for more candid, lengthy, conversational and open discussion between one another.

  • Latest
  • Oldest
  • Most replied to
  • Most liked
  • Most disliked

    Click here to view more comments