Search the Community
Showing results for tags 'Heartbleed bug'.
Found 1 result
-
G. David Felt Alternative Fuels & Propulsion writer www.CheersandGears.com In the news of the last 48hrs has been the story about the large hole in SSL or what is known as Secure Socket Layer. I don’t usually talk about network security around here, but this vulnerability almost certainly affects you. Whenever you buy anything online, most often, that transaction is encrypted using Secure Socket Layer (SSL). If you’re on a site such as Amazon, then you go to the shopping cart or checkout, at the top of the URL you’ll see http:// change to https://. That is generally an indicator that SSL encryption is protecting your credit card data. Turns out there has been a massive hole in a specific implementation of SSL. On some sites, all your “encrypted private data” has been clear and open for attackers to see. If you don’t want your identity hijacked, and ESPECIALLY if you have credit card data on these sites, you should change your password TODAY on Facebook, Twitter, and with Apple (e.g, iTunes). I happen to have a GoDaddy domain, so I need to change my password with GoDaddy, too. If you have a TurboTax or Dropbox password, those should be changed, too. For a list of major vendors who have been vulnerable AND have installed the fix, see: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/ Because SSL is so foundational to e-commerce sites, some vulnerable sites need time in order to install the fix. That means if you change your password to fool attackers on a site that has not yet installed the fix, you’re just giving the attackers your new passwords. If a site where you have an account sends you an email about the Heartbleed bug, take note! Meanwhile, be more diligent than usual about watching your e-shopping transactions! Full Details about the Heartbleed bug can be read here: http://heartbleed.com/
