There were widespread security concerns yesterday after the discovery of an old flaw that could affect web servers and Internet-connected devices - but many in the industry are claiming it presents no immediate threat to bitcoin services.
The vulnerability, dubbed either the 'Bash Bug' or the 'Shellshock Bug', would allow a malicious access to a UNIX-based device's operating system via the command line shell - the most widely used of which is bash.
Jeff Garzik, bitcoin core developer and now senior software engineer at BitPay said there is no clear and present danger to bitcoin users.
"Prediction: bash bug NOT bigger threat than heartbleed," he posted on a Reddit thread. Garzik told CoinDesk that, while the newly-discovered bug had the potential to be bad, "Most online services using bitcoin are far more secure than your average home router".
At this stage, there are no reports of any exploit of the Bash Bug affecting any bitcoin-related services.
Bitcoin services may potentially be a more attractive target for hackers and thieves than more established, fiat-based services like online banking and PayPal.
Because the bug allowed malicious hackers full access to an operating system there was potential for any kind of attack, from stealing bitcoin wallets to installing keyloggers and backdoors.
"However, as a centralized provider of exchange or wallet services it is possible to be affected by the bash bug. Due to the presence of this vulnerability, open SSH, HTTP, FTP and other application servers are all at risk of being remotely accessed and controlled by a hacker."
The Bash Bug vulnerability stems from a serious security flaw that exists in the bash command 'env'.
YC explained how the bug could be exploited, saying that many web servers send the user's HTTP request information, REQUEST METHOD, QUERY-STRING, etc) stored in an environment variable, to the backend Web framework or CGI scripts.
'Bash Bug' a Concern, But Little Threat to Bitcoin Services
에 게시 됨 Sep 26, 2014
by Coindesk | 에 게시 됨 Coinage
Coinage
이 기사에서 언급
최근 뉴스
모두보기
First Mover: What's Next for Bitcoin as Wall Street Gets Vaccine Booster
Bitcoin was higher for a second day, staying in a range of between roughly $15,200 and $15,600, as news of progress in developing a coronavirus vaccine appeared to touch off a rally in U.S. stocks.
Market Wrap: Bitcoin Fails to Break $15.9K; Over 50K ETH Staked on Eth 2.0 Contract
Bitcoin gained Wednesday while Ethereum 2.0 staking has been ramping up.
Citibank Analyst Says Bitcoin Could Pass $300K by December 2021
A senior analyst at U.S.-based financial giant Citibank has penned a report drawing on similarities between the 1970s gold market and bitcoin.
Blockchain Bites: Data Unions. Hard Forks. And One Citi Analyst's Case for $300K BTC.
A Citibank managing director thinks bitcoin could hit $318,000.