• BURN MEDIA
    • Motorburn
      Because cars are gadgets
    • Gearburn
      Incisive reviews for the gadget obsessed
    • Ventureburn
      Startup news for emerging markets
    • Jobsburn
      Digital industry jobs for the anti 9 to 5!

Meet Bash: the new bug that’s apparently worse than Heartbleed

Just when we thought it was all over, there’s a new bug in virtual town, and it’s called Bash bug.

A few months ago the web was up in arms about security concerns regarding the notorious Heartbleed bug. The encryption bug put OpenSSL under compromise which means that a lot of websites were forced to restructure their security in order to protect sensitive user information.

The security flaw is said to be inherent to computers’ shell which is the user interface to access operating system’s services like Command Prompt. This means that both PCs and Macs are vulnerable.

A blog post by Robert Graham from the research firm Erreta Security suggests that, similar to Heartbleed, Bash bug (also carrying the alias Shellshock) is dangerous because it “interacts with software in a number of different ways” and that an “enormous percentage of software interacts with the shell in some fashion.” He also tweeted that it’s potentially worse than Heartbleed:


Graham suggests that while modern web servers and the like will likely get patched, out-dated systems might not:

“Internet of things devices like video cameras are especially vulnerable because a lot of their software is built from web-enabled bash scripts. Thus, not only are they less likely to be patched, they are more likely to expose the vulnerability to the outside world.”

Graham does reassure us saying that while your primary servers are likely not affected by Bash bug, everything else probably is. “Scan your network for things like Telnet, FTP, and old versions of Apache (masscan is extremely useful for this). Anything that responds is probably an old device needing a bash patch. And, since most of them can’t be patched, you are likely screwed.”

Author | Nur Bremmen: Staff reporter

Nur Bremmen: Staff reporter
Nur is an enigma with a passion for creating words. He recently entered a love affair with technology and chorizo sausages. He travels a lot -- you catch him, if you can, at a Silicon Cape event every now and again. More
  • Sam Hill

    This article was written for what? Better question is, why was it published? Sometimes it’s better to not smoke a cigarette, afterwards.