Firefox and Chrome Browser Extensions that Check for Heartbleed

toggle-button

The Heartbleed bug is a very nasty Internet problem that affects us all. Dealing with it is complex and not clear-cut at this time but one thing that many Internet users want to do is check sites to see which ones might still be subject to the bug.

A previous article gave some ways to check sites but a simpler method is now available with new browser extensions for Firefox and for Chrome. How accurate these extensions are I don’t know and they have some other limitations but I still thought it worth pointing them out. 

Heartbleed-Ext 3.0 for Firefox browser

This extension is available here. It places a small bleeding heart icon in the browser menu bar. When you go to a website, the heart icon shows green for a site that is “safe”, red for a site still vulnerable to the bug, and yellow for possibly vulnerable. I found that it stayed white for many sites, indicating that it could not determine the status of the site. 

The extension does not itself check a site but uses the web service of Filippo Valsorda mentioned in our previous article. The green icon does not distinguish between sites previously vulnerable but patched and sites that never had the problem.

Added: Unless you refresh a tab, it seems that you may get a result that is left over from a previous site.  

Chromebleed for Chrome browser

The extension is available here. A bleeding heart icon is placed in the browser menu bar. If you go to an unpatched site, a popup warning will appear. Popups also show indicating some sites as “safe”. This extension also uses the web service of Filippo Valsorda. As with the Firefox extension, a “safe” rating does not distinguish between sites previously vulnerable but patched and sites that never had the problem.

Unfortunately, instructions are lacking but I found from the reviews that you have to enable the extension setting “Allow access to file URLs” and also the extension option “Show all notifications” and restart Chrome.  I found that there was sometimes a delay of 15 seconds or more after I went to a site before the popup window appeared.

A note of caution

At the time of this writing, there are questions about the effectiveness of patches for the Heartbleed bug. The recent problems reported about the patches issued by Akamai means that there may be ambiguity in the rating “safe” given to some sites.There are still no easy solutions to this major security problem.

Get your own favorite tip published! Know a neat tech tip or trick? Then why not have it published here and receive full credit? Click here to tell us your tip.


This tips section is maintained by Vic Laurie. Vic runs several websites with Windows how-to's, guides, and tutorials, including a site for learning about Windows and the Internet and another with Windows 7 tips.

Click here for more items like this. Better still, get Tech Tips delivered via your RSS feeder or alternatively, have the RSS feed sent as email direct to your in-box.

Please rate this article: 

Your rating: None
4.666665
Average: 4.7 (15 votes)
toggle-button

Comments

Vic,
Am I missing something? Seems a lot of people are trying to test http sites instead of https sites?
Seems to me there is a lot of hype on this one, and I am not implying that there is no danger. There is, but from my understanding of this, if someone can write an exploit they will have almost unlimited access to any vulnerable site server and there are no protective measures, especially since the Akamai patch was incomplete. But since Akamai says its first patch of OpenSSL was incomplete (akamai failed heartbleed patch cnet seth ), are the tools like this one searching fot the right parameters? Trusting websites based on the tools could be as harmful as trusting them without the tools. I just emailed the vendor of this FF extension to see if he is aware of the Akamai problem.
On the other side of the coin, so far it appears that only the NSA is exploiting this one.
It is hard to have any peace of mind with any tools given the unknowns, but it is probably not yet the time for everyone to put their money in the UTM (under the mattress) Bank.

Off subject: This is a very difficult site to make comments for people who are suffering cataracts.

You are right that there is considerable confusion about http vs. https sites. As to the Akamai patch, I am no expert in this area, but I believe they have said that the original bug has been rectified and they have reissued SSL certificates. Whether the update has been applied by everybody I don't know. Also, while Akamai is a major service in this area, there are others. Whether the various tests for the Heartbleed bug are 100% effective, I don't know. This whole situation continues to be a big mess.

Here's my experience. I'm running Waterfox and have Speed Dial, Gmail, Yahoo Mail and this article open and the heart was green. Then I opened up Pirate Bay and it turned yellow. I closed out Pirate Bay but the heart stayed yellow. I clicked on all the tabs and it stayed yellow. So, I decided to Reload All Tabs and then it turned back to green upon doing so. It has worked each time I have tried it. So, evidently you have to reload your tabs after the heart turns a color other than green when you load and subsequently close a site that changes it from green?

Thanks for telling us your experience. Others have also found that you have to reload. I haven't seen this problem in my own tests and I don't know what particular browser configuration or combination of add-ons causes what you experience.
I have added a sentence to the article about having to refresh.

Thanks for this tip. You're the best.

SUCCESS!!!

Finally everything is working.

This is what I found:

When one of the sites from the vulnerable sites is loaded depending on the problem with the site a number of errors are identified by Heartbleed.
There are may reasons the site may be bad. See FAQ:

https://filippo.io/Heartbleed/faq.html

It almost always marks the vulnerable site correctly, but in at least one instance it found to the site to be: "Uh-oh, something went wrong" and the white center of the Hartbleed hart did NOT turn red.

So in that case unless you place the site address in the Hartbleed tester you would not know it was vulnerable. This site was: adultbay.org:443

In the 6-7 other sites I tried the Hartbleed hart the notification icon instantly changed from a white center to a solid red center.

Thanks for the help.

Brian

Thanks again for the comments.

I closed out the 3 vulnerable web sites and restarted Firefox.

Even before any of the 12 sites that firefox loaded up, the Red bleeding hart showed up in the notification area.

These are the 12 sites that loaded up and with the red hart being displayed are vulnerable:
http://www.7tutorials.com/simple-questions-what-two-step-verification-au...

http://www.howtogeek.com/117047/htg-explains-what-is-two-factor-authenti...

http://www.yubico.com/products/yubikey-hardware/

http://www.techsupportalert.com/content/how-tell-if-website-dangerous.htm

http://www.techsupportalert.com/content/twelve-really-useful-links-you-n...

http://www.techsupportalert.com/content/cameyo-application-virtualizatio...

http://www.thewindowsclub.com/browser-extensions-protect-heartbleed?utm_...

http://www.techsupportalert.com/content/how-check-if-website-has-been-af...

https://filippo.io/Heartbleed/#55188.com:443

https://gist.github.com/dberkholz/10169691

http://www.techsupportalert.com/content/firefox-and-chrome-browser-exten...

I then opened
aremo.com.br:443
Yes, it did come up as vulnerable!
aremo.com.br:443 IS VULNERABLE.

Here is some data we pulled from the server memory:
(we put YELLOW SUBMARINE there, and it should not have come back)

And as expected, the red bleeding hart is displayed at the bottom of the window screen.

NOTE: I should make one correction.
The bleeding hart is actually NOT in the notification area.
It is in the area of the screen where the notification bar is displayed if I close the notification bar by moving the cursor to the window view. That is, the bleeding hart is among the Icons that are displayed when the notification bar is closed.

I am sure that all of the sites that opened are not vulnerable; but if just one is vulnerable would the bleeding hart indicator open and stay displayed until the one vulnerable site is closed?

Thanks for the help.

Brian

Thanks for the comments and suggestions.

This is what happened when I loaded three of the vulnerable websites:

adultbay.org:443
Uh-oh, something went wrong: x509: certificate is valid for ,
not adultbay.org

http://55188.com:443/
400 Bad Request The plain HTTP request was sent to HTTPS port
Microsoft IIS 5.0 RelaxPig Edit 10207

[Link removed. As per our site rules, links to red rated WOT sites are not permitted]
WOT Warning: This site has a poor reputation based on user ratings.
NOTE: The hart in the notification area now changed to bleeding!!

However, after the 3 web sites are closed I still have the bleeding hart displayed.

I will send this message and restart Firefox and see if I have the red hart or the bleeding hart.

Thanks for the help.

Brian

Vic,

Can any post a test site that will show a site that will display as vulnerable?

I have the Heartbleed extension installed on my computer.

When I open 14 sites in Firefox a red heart is displayed in the notification area for every one of them! (Including http://www.techsupportalert.com/ !!!). And when I use the Heartbleed test to check each of them,the test results show that NONE of them are infected!

Is any one else have this problem? Or is there a flaw or problem with the extension?

Brian

I looked at some sites with the Firefox extension and got no red. I don't know why you are seeing all these red ones. Anybody else have this result? At this time, I do not have a link for a test site. Anybody have one to suggest?

I', getting red on this one even though it is not a secure site
h
ttp://thai.senate.go.th/in/english/back.office/search/resultadv_2_x.php?keywords=Activities+in+the+Senate&Submit=GO!

You can go to https://gist.github.com/dberkholz/10169691 and find sites that test as vulnerable in the list given there. However, I do not know what else is on these sites so you are on your own if you want to try them. I tried one in Firefox and the extension duly turned red.