Heartbleed bug bleeds out
Have you been on the Internet lately? Have you been on it anytime in the last two years?
Chances are, unless you’re Amish or live in the middle of the Sahara desert, you have been on the Internet in the last few days, hours, minutes, or even right this second as you’re reading this article. And there’s also a good chance that a lot of your personal information, such as passwords to online banking, email and social media sites, and credit card numbers, has been stored on the Internet in hopes that it will be safe and secure from all those who would hope to steal it from you.
Recently, word has gotten out that the security used to protect sensitive information from digital plunderers was, unfortunately and at a potentially grand cost, nowhere near as secure as previously thought. A new security breach, codenamed the Heartbleed bug, sent shockwaves to Internet users all over the world last week, as developers from big name sites, such as Facebook and Tumblr, tried to warn users they needed to change their passwords as soon as possible.
The Heartbleed bug is basically a flaw in the security used by a vast majority of websites to make sure that information submitted by users, such as passwords and credit card numbers, is safely stored away from Internet hackers. Heartbleed.com, a website created after the bug was discovered, describes the bug as “a serious vulnerability in the popular OpenSSl cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.”
It also says the Heartbleed bug allows attackers to “eavesdrop on communications, steal data directly from the services and users, and to impersonate services and users.”
In less techie terms, normal SSL encryption works like this: when you open up a website on your computer, your web browser sends out a request to the website asking the site to identify itself. The website then sends out its own personal certificate to your web browser for identification. Once your browser identifies the website’s certificate, it sends out another signal to request encryption, and then the website allows the encryption. It works like a padlock for your website browsing, so your personal data isn’t shared with anyone besides your computer’s web browser and the website.
You can also think of it like when you were a kid and you used a secret password to get into your fort. Only you and the fort’s “guard” is supposed to know the password, but there’s always that untrustworthy brat that spills the beans to the weird kid down the block, ruining the sanctity of your secret fort, and pretend time, forever.
Investigators estimate about two-thirds of all websites use OpenSSL and were affected by the Heartbleed bug, so there is a very likely chance that you were affected by it and just don’t know it yet.
So what are the best options for saving personal info? Since the bug was announced, websites everywhere have scrambled to patch the hole and update their SSL to prevent this from happening again in the future.
Mashable.com created a list of the main websites that were probably affected by Heartbleed, which includes Facebook, Instagram, Pinterest, Tumblr, Gmail, Yahoo Mail and Netflix. Some sites, such as LinkedIn and Amazon, were saved from the bug thanks to their use of a different security than OpenSSL.
But to be on the safe side, the Internet as a whole is encouraging all users to change their passwords on any website they routinely use. This will prevent any precious information from being stolen by Cybercriminals.
So take a few minutes out of your busy schedule, change your passwords and live without the worry of someone stealing from you. You’ll be sorry you didn’t once you notice Cletus Smith of Birmingham, Ala. pinning pictures of motorcycles and inspirational “Roll Tide!” quotes to your “Wedding board” on Pinterest.
Get Top Stories Delivered Weekly
From Around the Web
More ASU Herald News Articles
Recent ASU Herald News Articles
Discuss This Article
MOST POPULAR ASU HERALD NEWS
GET TOP STORIES DELIVERED WEEKLY
FOLLOW OUR NEWSPAPER
LATEST ASU HERALD NEWS
- Gubernational Debate
- Mythbusters: Greek life edition
- Golf player dismissed from team after arrested and charged with sodomy
- Mold found in dorms causes health concerns for residents and staff
- College mergers, possible restructuring to follow decline in student enrollment
- The writing center relocates for easier student access
- Student activity center construction update
FROM AROUND THE WEB
- A New Prescription for Finding the Right Doctor
- Be on the Lookout for These Invasive Species
- It's Official: Women Are the Decision-Makers Even When It...
- Where the Jobs Are: Why Relocating May Be the Best Option
- Value of Education Brings Success Among Unique Student...
- Is Faith Really a Good Thing?
- Are Workers Taking Enough Time to Understand Their...
- Save Now With Proven High-Efficiency Gas Wall-Hung Boiler
- Some Jobs Really Are a Pain in the Back
- Are Your Investments Doomed by Overfunded Public Markets?
COLLEGE PRESS RELEASES
- 5 DAYS ONLY! Semi Annual Consignment Sale!
- Leading Digital Strategists Transform Digital Marketing In Business and Academia
- USA NETWORK AND VERIZON CHARACTERS UNITE COLLEGE TOUR TO VISIT SEVEN CAMPUSES ACROSS THE COUNTRY, ENGAGING STUDENTS TO COMBAT DISCRIMINATION AND DATING ABUSE
- OH HONEY ARE “SINCERELY YOURS” WITH NEW EP // HONDA CIVIC TOUR
- Mercedes-Benz Financial Services wants you to help “Drive Our Future”