SHARE
Heartbleed: What you Need to Know.

Heartbleed; It’s the bug with a fairly ominous name and for good reason too. It’s already been called “the most dangerous security flaw on the web” and has effected millions of websites across the Internet. Big hitters such as Google, Apple, and Microsoft have covered up the bug, but until the fix is implemented everywhere, your information could still get out.

On Monday an emergency security advisory was released from the OpenSSL project warning about a bug called “Heartbleed.” Heartbleed is a bug that could be used to pull a small chunk of “working memory” from any server running OpenSSL’s current software. This means those who are so inclined could act as the server and uncover pieces of information which may or may not include sensitive information.

But what’s OpenSSL? Well, when you head to a banking website or websites that require you to enter secure information such as credit card details, you’ll probably notice a small padlock icon appear next to the website address on the address bar or instead of “http://” it’d be “https://”. A good percentage of secure websites used OpenSSL which has left some of your information vulnerable to anyone capable of exploiting this bug.

If you’re already panicking and are in the process of taking your life offline, you probably won’t want to hear that the bug is actually a pretty old bug and dates back as far as two years and OpenSSL aren’t actually sure who, if anyone, has discovered the bug. As of now many larger websites and a few smaller ones have applied the patch and have squashed the bug, but many have not.

So what can you do to prevent your information from getting out? The first and most important part is to change your passwords on any and all of your accounts, make it long and include both lower and upper-case characters, if you’re feeling adventurous you could also throw in a number or special character or two ( { ‘ ! ? ).

Next, there have been several tools created for discovering websites affected by Hearbleed as well as a list of websites that are known to still be on a server which has the Heartbleed bug. This website offers you the ability to check a website before you visit to see if it’s on an affected server. For those looking for a more hands-off approach there’s a Chrome extension available aptly called Chromebleed which simply displays a warning if you’re visiting a site effected by the bug.

For the most part this isn’t a reason for you to fully disconnect from the world to live in a hut in the middle of a forest but it is a little reminder that no matter how safe we think we are online, things can and will still go wrong. Until the Hearbleed bugfix is fully implemented across the web just stay extra vigilant and check the various tools available before you throw your sensitive information at them – no matter how much you want that cute mug with a doggy on it.

For more information on the bug check the source link below. Check back soon for more news on the Heartbleed bug soon.