I’d like to first say, that I am not a security expert. However, since almost every internet user could be affected by the Heartbleed bug, I thought it would be useful to share some information from reputable sources to address some concerns and questions.
What is Heartbleed?
Heartbleed is a security flaw in one of the security protocols commonly used on the Internet. This bug exposes sensitive information to theft and puts websites around the world at risk, including several large businesses and social media websites.
What should I do about Heartbleed? Should I change all my passwords?
Experts from several sites have stated that changing your password before the affected site fixes the issue, will NOT help. What you need to do is verify that the site has been fixed (or not affected) and THEN update your password.
Which sites have been affected?
According to several sources, for the majority of users, their data is only at risk from Heartbleedwhen they use an affected site. Mashable.com has reached out to many of the popular sites used frequently and complied a list of their responses about whether they were affected and what their recommends are for consumers on changing their passwords.
According to Krebbs Security Blog – consumers need to be proactive about protecting their data.
Check for Heartbleed Issues before using a site
- Double check that the site has updated their security first
- Search the site for the company’s statement
- Use one of the tools developed to check for Heartbleed to check (note – none of these is foolproof)
- “Avoid responding to emailed invitations to reset your password; rather, visit the site manually, either using a trusted bookmark or searching for the site in question.” ~Krebbs
Protect your personal information on the web
Setting a strong password that you can remember – The Guardian.com – Setting a Strong Password
Easy steps you can take today – Forbes.com on Protecting your Privacy
How will Heartbleed affect the Internet in the future?
If this event causes consumers to be more cautious when using the web, then, personally, I would consider that to be a good thing. The internet allows consumers to be more educated, that includes learning to protect our privacy.
Learn more about the Open SSL Project – Nichole Perlroth, NewYorkTimes.com