The Heartbleed internet vulnerability took the world by storm and shook up security admins everywhere. This includes the Bitcoin world where digital currency exchanges and companies rushed to secure their users and systems. According to itbusiness, a panel discussed the Heartbleed issue in relation to Bitcoin services at Toronto’s Bitcoin Expo.
Bitcoin Expo Panel Discuss Heartbleed
Michael Perklin, the director of the Bitcoin Alliance of Canada said at the Bitcoin Expo,
“Heartbleed was one of the biggest things to happen to the Internet in the past decade.”
This is certainly true since the internet vulnerability could allow private accounts to be compromised without the user knowing. In fact, Heartbleed could have had devastating effects on Bitcoin exchanges since all the transactions are done online. Therefore, it is prudent to protect users and customers from any more surprises, especially after the Mt. Gox debacle. Perklin said,
“Any secret that was ever used on that server, you have to regenerate that because you don’t know who used this exploit on you yesterday. You have to go back and regenerate every bitcoin private key on that service.”
CAVirtex Worked Fast to Fix the Flaw
CAVirtex, Canada’s biggest Bitcoin exchange, did exactly as Perklin said even before Heartbleed became wide known. As soon as the Bitcoin exchange found out about the vulnerability, it hastened to solve the issue before it worsened. This is according to the company’s business development manager Reed Holmes.
In addition to solving the problem, CAVirtex told customers what was going on and what the company was doing to fix the Heartbleed issue. Users were advised to change passwords. Holmes said at the Bitcoin Expo,
“We were very proactive on it. We told our customers, we kept them up to speed to let them know we were doing everything we can to combat this bug and if you feel at all uncomfortable, go in and change your password.”
Coinkite’s Peter Gray Speaks About Heartbleed
Peter Gray, Coinkite’s chief technology officer, believes that already having a good security system lessened Heartbleed’s impact on CAVirtex and Coinkite. Coinkite is a popular digital currency wallet. Both of these websites use two-step authentication which allows for extra security measures. Gray explained at the Bitcoin expo,
“Two factor authentication is pretty good protection against Heartbleed. It’s a one time code and if it were to be leaked to Heartbleed, you wouldn’t need to worry because it’s going to change again tomorrow.”
In addition to having a two-step authentication, CAVirtex and Coinkite both have Cloudfare which alerts potential threats before they hit the server. According to Gray, this allowed the company to be deal with Heartbleed faster than the mainstream media.
Service providers are responsible for keeping their servers secured; however, users also have to be aware of how to keep their private information safe. This way there will be a double layer of protection for the consumers.