Feeds

Study: Users don't much care about Heartbleed hacking dangers

Pew finds the public less interested in flaw than previous incidents

Secure remote control for conventional and virtual desktops

Despite dire warnings from security experts and a massive public awareness campaign, users are less aware of the Heartbleed flaw than other recent security threats.

So say researchers with the Pew Research Center. According to a public survey of 1,501 people conducted by the company, less than one fifth feel they are well versed on the dangers of the flaw, and less than 40 per cent have taken action to protect their accounts.

The survey (PDF) polled users on both the level of their awareness on the data-leaking OpenSSL flaw and the steps they have taken to change credentials which may have been harvested by attackers. The study of 1,501 American adults was taken in the midst of the Heartbleed scare between the 23-27 April.

During that time, researchers found that 60 per cent of adults had heard of Heartbleed in some form, though 41 per cent said that they had "a little" information about the flaw and just 19 per cent had heard "a lot" about it.

Additionally, just 39 per cent of those polled said they had taken steps to secure their accounts against attacks by changing passwords or canceling unused accounts.

Those numbers, say researchers, indicate far less interest among the public in Heartbleed than other recent security threats. Pew studies in the past found that events such as the Edward Snowden data leaks drew heavy interest from more than half of all internet users, while other recent current events have caught the public attention at a higher clip than Heartbleed coverage.

"The Heartbleed story registered roughly the same level of public awareness as the U.S.-Iran negotiations and agreement to allow monitoring of Iran’s nuclear program (in November and December 2013) and Catholic Bishops in the U.S. protesting Obama Administration policies they believe restricted religious liberty (July 2012)," Pew wrote in its report on the survey.

While public awareness is lacking, many of the enterprises and service providers most impacted by Heartbleed have been taking major steps to alleviate the danger posed to their systems by the OpenSSL vulnerability.

While the Heartbleed fix has been a challenge for administrators, end users can (and should) reduce their risk with simple steps such as updating software and firmware and changing up passwords. ®

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.