'Heartbleed' bug causes headaches for Montreal accountants
The five days the Canada Revenue Agency’s online services were offline has made it difficult for many accountants to do their jobs.
Chartered professional accountant Dan Blumer says he was able to complete tax returns for his clients, but had to wait to send them.
“We have hundreds of them in cue waiting to be e-filed and as soon as the website is back up and running,” he said.
The Heartbleed bug was discovered last week, but it appears to have gone undetected for years.
Heartbleed is a glitch that affects open-source software, which is at the centre of applications used to encrypt internet communications.
It can reveal the computer's memory, including passwords and credit card numbers.
It can also allow hackers to impersonate other servers.
It's still unclear exactly how many websites may have been compromised.
"Because it leaves no trace, hackers can be at it all day long collecting data," Internet security expert Terry Cutler said.
The CRA decided to shut down its web services to protect Canadians from any information leaks that may occur.
“The biggest problem we're going to see now is that people aren't going to trust what they are doing online, banking or online transactions,” says Cutler.
Each website has to repair the glitch itself, which could take days.
Cutler says there's a way to check if the site you're using has been compromised. A downloadable plug-in called Chromebleed will check if the website you’re visiting is still vulnerable to the glitch if you browse the web using Google Chrome.
Internet users should change their passwords only if they know the website they’re visiting as fixed the problem.
Now that the CRA website is back up and running, people can go online and file their taxes.
Because of the outage, the deadline to file has been extended to May 5.