Heartbleed bug bleeds out
Have you been on the Internet lately? Have you been on it anytime in the last two years?
Chances are, unless you’re Amish or live in the middle of the Sahara desert, you have been on the Internet in the last few days, hours, minutes, or even right this second as you’re reading this article. And there’s also a good chance that a lot of your personal information, such as passwords to online banking, email and social media sites, and credit card numbers, has been stored on the Internet in hopes that it will be safe and secure from all those who would hope to steal it from you.
Recently, word has gotten out that the security used to protect sensitive information from digital plunderers was, unfortunately and at a potentially grand cost, nowhere near as secure as previously thought. A new security breach, codenamed the Heartbleed bug, sent shockwaves to Internet users all over the world last week, as developers from big name sites, such as Facebook and Tumblr, tried to warn users they needed to change their passwords as soon as possible.
The Heartbleed bug is basically a flaw in the security used by a vast majority of websites to make sure that information submitted by users, such as passwords and credit card numbers, is safely stored away from Internet hackers. Heartbleed.com, a website created after the bug was discovered, describes the bug as “a serious vulnerability in the popular OpenSSl cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.”
It also says the Heartbleed bug allows attackers to “eavesdrop on communications, steal data directly from the services and users, and to impersonate services and users.”
In less techie terms, normal SSL encryption works like this: when you open up a website on your computer, your web browser sends out a request to the website asking the site to identify itself. The website then sends out its own personal certificate to your web browser for identification. Once your browser identifies the website’s certificate, it sends out another signal to request encryption, and then the website allows the encryption. It works like a padlock for your website browsing, so your personal data isn’t shared with anyone besides your computer’s web browser and the website.
You can also think of it like when you were a kid and you used a secret password to get into your fort. Only you and the fort’s “guard” is supposed to know the password, but there’s always that untrustworthy brat that spills the beans to the weird kid down the block, ruining the sanctity of your secret fort, and pretend time, forever.
Investigators estimate about two-thirds of all websites use OpenSSL and were affected by the Heartbleed bug, so there is a very likely chance that you were affected by it and just don’t know it yet.
So what are the best options for saving personal info? Since the bug was announced, websites everywhere have scrambled to patch the hole and update their SSL to prevent this from happening again in the future.
Mashable.com created a list of the main websites that were probably affected by Heartbleed, which includes Facebook, Instagram, Pinterest, Tumblr, Gmail, Yahoo Mail and Netflix. Some sites, such as LinkedIn and Amazon, were saved from the bug thanks to their use of a different security than OpenSSL.
But to be on the safe side, the Internet as a whole is encouraging all users to change their passwords on any website they routinely use. This will prevent any precious information from being stolen by Cybercriminals.
So take a few minutes out of your busy schedule, change your passwords and live without the worry of someone stealing from you. You’ll be sorry you didn’t once you notice Cletus Smith of Birmingham, Ala. pinning pictures of motorcycles and inspirational “Roll Tide!” quotes to your “Wedding board” on Pinterest.
Get Top Stories Delivered Weekly
From Around the Web
More ASU Herald News Articles
Recent ASU Herald News Articles
Discuss This Article
MOST POPULAR ASU HERALD NEWS
GET TOP STORIES DELIVERED WEEKLY
FOLLOW OUR NEWSPAPER
LATEST ASU HERALD NEWS
FROM AROUND THE WEB
- Wondering if it's Time to Buy a New Car? Just Check Your...
- Smartphone to Become Wallet -- Are Customers, Businesses...
- Grandparents, Keep Your Meds Up and Away From Young Children
- As Insurers End Coverage for Compounded Drugs, Patients...
- 4 Tips to Start Your Day a Little Earlier
- Join the Force to Fight Lung Cancer in Women
- If You Want to Help Avoid Back Problems, Stop Slouching
- Common-Sense Strategies From a Natural Marketing Guru
- 10 Steps to Help Older Adults Prevent Slips, Trips and Falls
- Stay Cool for Next to Nothing: Power Down the AC on...
COLLEGE PRESS RELEASES
- Peace Corps Director Calls on College Students to Make a Difference After Graduation Through International Service
- USA NETWORK AND VERIZON LAUNCH THE “CHARACTERS UNITE COLLEGE TOUR” COMPETITION FOR STUDENTS TO BRING A USA NETWORK CELEBRITY AND A WORTHY CAUSE TO THEIR CAMPUS
- WHEN GEORGIA SMILED: THE ROBIN MCGRAW REVELATION FOUNDATION TEAMS WITH PIVOT AND STUDENTS OF THE WORLD TO LAUNCH THE #iASPIRE GRANT CONTEST
- Latino Groups Launch National Campaign to Deliver Record Latino Turnout for 2014 Midterm Elections
- The Power of Peer Support: Sheryl Sandberg's "Lean In" Hits Campuses