Independent student content

BG Falcon Media

Independent student content

BG Falcon Media

Independent student content

BG Falcon Media

Support BG Falcon Media!
As part of BGSU's One Day fundraising effort, every dollar you contribute to Falcon Media will go directly to helping us continue to produce quality content. Every dollar helps. Donate here
The BG News
Follow us on social
BG24 Newscast
March 28, 2024

  • Visiting Author: Sheila Squillante
    Last week, the visiting author, Sheila Squillante, presented the art of creative non-fiction at BGSU. Last year, her memoir came out. From Chatham University in Pittsburgh, PA, Squillante visited BGSU, last week. Previously, she has published collections on poetry, but most recently, her memoir, All Things Edible, Random and Odd  was published in 2023. “I […]
  • Petrofiction Review: Oil on Water
    Here’s my review of Oil on Water by Helon Habila – a petrofiction novel which won The Commonwealth Prize and Caine Prize. For context, petrofiction stems from petroleum and fiction. A specific text that focuses on petroleum culture in political economics and environmental impact. Although Habila’s novel begins with a journalist investigating a kidnapping, the […]
Spring Housing Guide

Heartbleed bug no longer problem

Although the Heartbleed Bug was a widespread security breach, students no longer have anything to fear.

The Heartbleed bug was a security vulnerability discovered in early April that affected many websites, and opened Internet users up to having their sensitive information being accessed by others.

Any website that uses open SSL, an open source software, is vulnerable to the bug, said Robert Green, assistant professor of computer science.

When PCs and servers communicate, a server sends a computer a word, and asks for the computer to send back a word with the same amount of characters.

“[The server is] going to say dog, and you’d say three characters back,” Green said. “What the Heartbleed Bug does is, instead of that, [the server would] say dog, 10,000 [characters] … you read dog in your memory, and you send the rest of the memory after that until you hit 10,000 [characters].”

The extra information sent could include things such as passwords, user names and other sensitive information.

The bug existed for two years before it was found, said Matthew Haschak, director of IT security and infrastructure.

Once it was found, solutions to the problem were quickly sought out.

“It became a race between the hackers trying to take advantage of it, and the good guys trying to fix everything before hand,” said Haschak.

Green said the bug was quickly fixed after it was found.

“The good thing is it was fixed really rapidly after it was found,” he said. “Everyone is making a bigger deal of it than it is because it was fixed so rapidly.”

Once the bug was found, patches were made in order to fix it.

Now, there are checks in place to count the number of characters sent between servers and computers to keep the security breach from happening, Green said.

The fix was only a few lines of code, he said.

“As far as bugs go, this is one that was extremely simple to fix,” Green said.

In response to this bug, the University tried to patch its systems as quickly as possible, Haschak said.

There were 82 systems to patch, but there were a handful the University didn’t have full control over, such as fire walls, and had to wait for those specific software producers to release a patch.

“We were kind of in a holding pattern from there,” Haschak said.

This bug opened up websites to attackers, and the University was able to see that activity after the patches were made.

There were about six “attackers” after the patches went up, but they weren’t able to take advantage of the bug because of the security updates, Haschak said.

Although the security vulnerabilities have been patched, Chief Information Officer John Ellinger encourages students to change their passwords.

“The only thing [students] needed to do is to change their password after they have been informed,” he said.

Green said students should also use different passwords for different websites.

Students should be cautious of emails asking them to change their passwords.

“Whenever an event like this happens, the bad guys know that we’re telling students to change [their] passwords,” Green said. “They will act like security or ITS and bring them to bad website … Be wary of communications asking you to click on a link to change your password.”

Leave a Comment
Donate to BG Falcon Media
$825
$1500
Contributed
Our Goal

Your donation will support the student journalists of Bowling Green State University. Your contribution will allow us to purchase equipment and cover our annual website hosting costs.

More to Discover
Donate to BG Falcon Media
$825
$1500
Contributed
Our Goal

Comments (0)

All BG Falcon Media Picks Reader Picks Sort: Newest

Your email address will not be published. Required fields are marked *