Advertisement

Check if you have the Heartbleed vulnerability

Heartbleed Security Scanner is a very simple app from Lookout Mobile Security that tells you whether your phone is at risk from the OpenSSL Heartbleed bug.

It's exceptionally simple to use because there are virtually no options: open the app and it will automatically scan and tell you if your device is compromised.

Unfortunately, the simplicity means that it's incredibly limited and there's no detailed breakdown to see what apps could be affected, but it still works as a quick check in a pinch.

Description


The Lookout Heartbleed Detector can be used to determine whether or not your Android device is vulnerable to the Heartbleed bug in OpenSSL. This app works by determining what version of OpenSSL your device is using. If your device is using one of the affected versions of OpenSSL, we then check to see if the specific vulnerable feature called heartbeats is enabled.


What is Heartbleed?
Heartbleed is a software flaw in the OpenSSL “Heartbeat” function that helps keep secure connections alive. This function was found to be vulnerable to manipulation in a way that allows an attacker to steal up to 64K of data at a time from the active memory of affected systems. The bug, found by researchers from Codenomicon and Google, and filed with the following reference number – CVE-2014-0160, impacts any infrastructure that includes the affected versions of OpenSSL.


Will this app fix the Heartbleed vulnerability?
This app is not meant to fix this vulnerability, as this will need to be patched by Google or your device manufacturer, and it is only meant to keep you informed about the status of your device. The good news is that Lookout has not yet seen the Heartbleed vulnerability exploited on a mobile device, but you can stay updated with the latest information on our blog at blog.lookout.com.


Does this tell me if my apps are affected?
No. This app will not detect if any of the services or accounts (the apps and websites you visit) on your device are vulnerable and is only meant to detect vulnerabilities in Android.
In other words, your operating system might be fine, but the websites you’re accessing might not. Look out for emails from companies with whom you have online accounts. If they needed to issue a patch, hopefully they will be alerting their consumers. You can check out our blog on the issue here: https://blog.lookout.com/blog/2014/04/09/heartbleed/


Note on Permissions:
This app only uses the internet permission when you explicitly share the results of your scan with us. If you choose not to, we won't collect any information.

PROS

  • Very easy-to-use

CONS

  • Limited options
  • Better alternatives available

Program available in other languages



User reviews about Heartbleed Security Scanner

Have you tried Heartbleed Security Scanner? Be the first to leave your opinion!


Advertisement

Explore More

Advertisement

Advertisement

Laws concerning the use of this software vary from country to country. We do not encourage or condone the use of this program if it is in violation of these laws.