OpenSSL Heartbleed Vulnerability Does Not Affect bTrade Customers

Clifton Gonsalves

The OpenSSL vulnerability announced on April 7, 2014, also referred to as the Heartbleed bug (CVE-2014-0160), gives hackers the opportunity to obtain the encryption keys used to secure content that is transmitted over SSL/TLS sessions.  SSL continues to be under attack.  Heartbleed follows BEAST, as well as a few other known bugs reported  in SSL.  Scores of applications/websites have been affected by Heartbleed, and will continue to be affected for days to come.

The good news for bTrade customers is that you will not be affected by Heartbleed.  Depending on the bTrade solution you use, it either does not use OpenSSL, or the OpenSSL version used is not affected by Heartbleed.

That said, we would like to take this opportunity remind everyone, customers and non-customers alike, of the importance of data security in our day-to-day lives.  Since SSL is being continuously attacked, we recommend that you not rely solely on SSL or SSH to secure your file transfers.  To ensure a higher level of security, you should first encrypt the data, and then transmit using a secure protocol.

If you want to learn more about how we can help to secure your data transfers, including through the use of our encryption/compression solutions, please contact our data security experts at info@btrade.com.

Hearbleed