Share on facebook
Share on twitter
Share on pintrest
Share on linked-in
Share on google plus
A Bleeding Heart in Live Chat Software?
DATE
Live Chat Blog Published On
TAGS
Live Chat Blog Tags
AUTHOR
Live Chat Blog Author
VIEWS
Live Chat Blog Views

10 April 2014

Gemma Baker

59

A Bleeding Heart in Live Chat Software?

On or around the 4th April 2014 people started murmuring about a massive security flaw, hitherto undiscovered, that pointed towards thousands of popular websites being in this vulnerable state for over 2 years. Interest grew but information was limited and the truth behind the Heartbleed bug began to bend and break under the weight of speculation.


A Bleeding Heart in Live Chat?

It wasn’t until the 7th April that information went public. [1] Codenomicon, The cybersecurity firm behind the discovery explained that the security flaw went unnoticed for 2 years because of the large amounts of work that had to go into this kind of manual testing.

 

Okay, but what exactly does this mean?

To paraphrase Condenomicon’s FAQ website on the Heartbleed bug, the problem lies with OpenSSL. This widely popular cryptographic software is ubiquitous in open source web servers like Apache and nginx – two of the most popular platforms on the web.

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. Absolutely everything that SSL channel, from the names and passwords of the users to the actual content, is accessible. Millions of sites rely on SLL connections to transfer sensitive data; hackers can steal this straight from the services and use it to impersonate users.

The total number of affected sites is still something of a guessing game, but one GitHub member took a sample of over 10,000 sites and found that 17% of websites with SSL installed were vulnerable.

 

Is my live chat software at risk?

We can’t speak for other live chat providers, but Click4Assistance uses an alternative SSL implementation. Third party programs and tests from our engineers show that our software is 100% safe from the Heartbleed vulnerability. This includes your actual chats, archived chats, mid-chat file transfers, co-browsing session and other activities that are performed over our SSL connection. This means there is no need to change your Click4Assistance Toolbox password.

If you pass information from our live chat software on through other websites or programs, we recommend using the Heartbleed Test from Github to check they are secure.

Have any questions or concerns about the Click4Assistance Live Chat Software and Heartbleed bug? Don’t hesitate to contact us on 0845 123 5871 or via theteam@click4assistance.co.uk

 

 


[1] According to the heartbleed.com website


WE HELP BUSINESSES COMMUNICATE

UK providers of live chat software and online communication tools to a range of industries, we offer a cutting edge, resilient and proven live chat solution backed-up with first class support and advice.

FIND OUT MORE

Live Chat Software Author

BLOG ARTICLE AUTHOR: GEMMA BAKER

Gemma is a Marketing Executive for UK web chat Provider Click4Assistance, with a range of knowledge in live chat software and customer engagement channels, customer service methods and improving online business.





SMALL OR MEDIUM SIZED ENTERPRISE

Cost-effective live chat software, proven to increase lead generation and customer satisfaction. Easy to implement and customise, the solution supports your business out of hours with the ‘leave a message’ feature.

CORPORATE ORGANISATION

Integrate our compliant solution with your existing systems for a seamless implementation. Intelligent chat routing ensures multiple department capabilities. Measure your ROI and monitor operators’ KPI’s with the Advanced Reporting Suite.

THE PUBLIC
SECTOR

Increase productivity, reduce resource costs and improve customer satisfaction by answering multiple enquiries simultaneously with live chat software. Mitigate budget restraints, support digital transformation and help customers during online processes.