Usually, when System Administration and Security are done well, they’re invisible – you only notice it when something has gone wrong and you’re waiting for a fix. Then occasionally an issue comes along that puts system security in the spotlight.
The Heartbleed Bug has done just that. In essence, the Heartbleed bug is a major flaw in a vital component of secure communication online. The end result? Attackers potentially being able to read information that is being sent via a secure connection: the sort you use to send banking info, pay with a credit card, and log into your favourite sites like gmail and yes, Civic Mirror.
How bad is this? Bad enough to have security experts like Bruce Schneier calling saying “On a scale of 1 to 10, this is an 11”.
Unfortunately some news agencies are telling everyone to change their passwords everywhere, something great to do on secured systems, but that could increase risk on a server running a vulnerable version of OpenSSL.
Our programming team kicked into action with the announcement of the Heartbleed bug, and have patched our OpenSSL to a version that is Heartbleed proof. Though our clients’ Civic Mirror countries are fictional, the time and effort they put into creating and working in them is real, as is their learning experience – not to mention their grades!
Which is why we take your security seriously. From Heartbleed to DDoS attacks, the Civic Mirror team respond rapidly to ensure the continued security of our servers and your class’ simulations.