As if the end of support for Windows XP weren't enough of a technology headache for one week, a newly discovered security bug named Heartbleed is causing people and businesses to wony about their online security.
The name of the bug stems from its exploitation of the security protocol's "heartbeat" extension, which keeps the connection between the client and server alive. The bug can decrypt small packets of information that pass through the server and allow viewing by a third party.
What does this mean for you?
The Heartbleed bug could allow hackers and other ne'er-do-wells to access information on servers that should be encrypted. In theory, information passing through a very large number of websites could be vulnerable, including emails, instant messages, documents, passwords and credit card information. No one is really sure at this point how long, or even if, hackers have been accessing information on affected servers.
The fix is simple, but not
Fixing the Heartbleed vulnerability is easy, but it isn't exactly simple. First, the websites hosted on servers infected by the Heartbleed bug need to be updated to patch die vulnerability. The patch will prevent backers from accessing any new data passing through the server, built won't prevent backers from using the information they already posses~ Tn order to prevent further issues, you need to change your password for any affected sites as well.
Don't change your passwords yet
While your first instinct might be to immediately change all of your passwords, it's not a good idea yet. After all, changing a password for a site hosted on an infected server still serves up your information to anyone illegally accessing the server's information. You can go https:// filippo.io/Heartbleed or https://www.ssllabs. com/ssltest, to check if a particular site has patched the vulnerability. Once the problem is patched, then you should change your password.
Alternatively, you will probably receive an email from any affected websites informing you that the vulnerability has been patched and requesting (or, in some cases, requiring) you to change your password.
Increasing your security
First, change the passwords on any sites that have been updated to patch the Heartbleed bug vulnerability.
Second, resist the temptation to use the same password for every site. In fact, it's best if you have different passwords for each and every site you use.
Third, rather than trying to remember dozens of different passwords, use a password manager. A password manager can not only remember and autofill your passwords for every website you use, it can generate unique and extremely strong passwords for you.
Finally, if a website, such as
So now that you know Heartbleed exists and what it can do, try not to panic. It certainly isn't the end of the world. Just take the suggested security precautions and change your passwords once the vulnerability is removed. Additionally, you may want to keep an eye on bank accounts and any websites that contain any sensitive information.
Casey L Sipe is an attorney with
Most Popular Stories
- Prosecutor to Investigate Walmart Police Shooting
- GM to Announce New Jobs in Tennessee
- Mark Sanchez Suddenly a Hot QB Commodity
- Smith & Wesson Misses Target
- Emirates Hit Libyan Targets With Airstrikes
- Michael Brown Funeral: Can Americans Change the Script of Violence?
- American Killed With ISIS Fighters in Syria
- Marco Rubio Warns Obama on Deportations
- Surf's Up! SoCal Prepares for Big Storm Surf
- Ford Hires 300 at Louisville Lincoln Plant