10 April 2014 | 5964 views

A Bleeding Heart in Live Chat Software?

A Bleeding Heart in Live Chat Software?

On or around the 4th April 2014 people started murmuring about a massive security flaw, hitherto undiscovered, that pointed towards thousands of popular websites being in this vulnerable state for over 2 years. Interest grew but information was limited and the truth behind the Heartbleed bug began to bend and break under the weight of speculation.

A Bleeding Heart in Live Chat?

It wasn’t until the 7th April that information went public. [1] Codenomicon, The cybersecurity firm behind the discovery explained that the security flaw went unnoticed for 2 years because of the large amounts of work that had to go into this kind of manual testing.

 

Okay, but what exactly does this mean?

To paraphrase Condenomicon’s FAQ website on the Heartbleed bug, the problem lies with OpenSSL. This widely popular cryptographic software is ubiquitous in open source web servers like Apache and nginx – two of the most popular platforms on the web.

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. Absolutely everything that SSL channel, from the names and passwords of the users to the actual content, is accessible. Millions of sites rely on SLL connections to transfer sensitive data; hackers can steal this straight from the services and use it to impersonate users.

The total number of affected sites is still something of a guessing game, but one GitHub member took a sample of over 10,000 sites and found that 17% of websites with SSL installed were vulnerable.

 

Is my live chat software at risk?

We can’t speak for other live chat providers, but Click4Assistance uses an alternative SSL implementation. Third party programs and tests from our engineers show that our software is 100% safe from the Heartbleed vulnerability. This includes your actual chats, archived chats, mid-chat file transfers, co-browsing session and other activities that are performed over our SSL connection. This means there is no need to change your Click4Assistance Toolbox password.

If you pass information from our live chat software on through other websites or programs, we recommend using the Heartbleed Test from Github to check they are secure.

Have any questions or concerns about the Click4Assistance Live Chat Software and Heartbleed bug? Don’t hesitate to contact us on 0845 123 5871 or via theteam@click4assistance.co.uk

 

 


[1] According to the heartbleed.com website

Popular Blogs

4 Sep 2018

The Ultimate Guide To Live Chat Software

Everything You Need To Know About Live Chat Software Integration And Why You Need It

Read more
23 May 2017

Insurance Firm Jumps into Implementing ‘Chat on your Website’ Software

Being an insurance broker can be difficult when there is a vast amount of competition offering the same products.  Ensuring your communication with your customers is accurate, fast and professional is vital when attracting new and returning customers.

Read more
5 Aug 2016

How to Add Live Chat to my Website? Use a Live Chat Plug-in

This article is part of a series that explains the various aspects when you are considering live chat for your website.  Whether your website has been built by your own developers, an outsourced development company, or you’re using a 3rd party solution such as WordPress at some point you will need to add a chat window plug-in.If your looking to add live support chat to your website, visit this link add live support chat to your website

Read more

Find out more

Live chat dashboard with chat window example

Live chat

Learn how live chat can help empower your organisation.

Find out more
Coni chatbot live chat support Arti AI for live chat business support

Chatbots & AI

Learn how chatbots and AI can help you engage with your audience.

Find out more
integrated omnichannel communications

Omnichannel

Connect with your audience using multiple omnichannels.

Find out more

Discover more

Want to see how live chat can work for your organisation?

See examples of web chat and chatbot implementations for your industry. Be inspired by how other companies in your sector use live chat!

Download web chat and chatbot examples for your industry

Embrace new ways of engaging with your audience!