Back To Top
Back To Top
Comment
The Heartbleed:In today’s society, the Internet is virtually embedded within every facet of our lives. Whether we are checking our Facebook Accounts, Emails, or making online transactions — we can easily see how dependent society has become on its immediate access.
In the digital age – It is hard to imagine even 1 person who doesn’t use the web to either surf, communicate, or make online purchases.
Therefore All across the world — literally hundreds of millions of Internet users are storing their private data online using popular sites such as Google, Facebook, Ebay, and Amazon (just to name a few). We entrust these sites to take the necessary security measures to ensure that our private data is protected and encrypted.
But what happens when their security Fails?
Recently, there was an announcement made by Google and other Security firms regarding a “Security Bug” that was recently discovered. It was through this announcement that we first discovered the Heartbleed and how it has potential compromised not only our passwords and private data — but possibly even the future of online transactions.
Heartbleed is a serious vulnerability that was discovered within the openSSL cryptographic software library. (don’t worry if you don’t understand the technical terms)
Basically- Heartbleed is a flaw in the Security System of any website that uses the vulnerable versions of of the the software. This flaw in the system can allow any attacker to view the unencrypted data that is being stored by any site that is still using the vulnerable versions of the software. Heartbleed exploits a built-in feature of the OpenSSL called “Heartbeat” – hence Its name.
If you still don’t fully understand this then don’t worry — you are not alone.
Unless you have an extensive IT background in Computer Information Systems then you need not feel bad for not fully understanding. But to make this subject as simple as possible — The example following will explain it so simply that any 12 year old can understand it.
Layman’s Terms: If you were trying to type in your password online — then Heartbleed is the kid trying to see your fingers and yelling out every key stroke to everyone in the room.
So if anyone asks a website for your passwords, and if that website has not fixed the heartbleed bug — they will not only see all of your passwords, but all of your private data as well. Whether it be your Phone Number, SSN, Credit Card Number, Etc.
I know that many of you may be frightened by now and fearful for the protection of your private data — But before you go and cancel your credit cards and close every account that you have online there are a few things you should know first.
Many websites have been on the offensive in order to protect its users from the bug that exposes all private data. In fact, by the time that you read this post, I am sure that many of the most popular sites such as Amazon, Ebay, Google Services, and others have already dispatched a “Fix” in response to the Bug. But there is no certainty that in the time-span that these sites were exposed — your passwords were not compromised. Therefore to be on the safe side, you may want to change your passwords for all email services you are using.
Again, It may not be necessary to cancel your credit cards unless you notice some unusual activity, spending, or charges that you did not authorize. Although many sites have already addressed the Heartbleed problem — There are many other sites who are still vulnerable.
To Discover if a site is still vulnerable to to the heartbleed bug, then simply take the URL (domain) and test it using the LastPass Heartbleed Checker which will tell you whether the site is or is not vulnerable to the heartbeat exploit.
SCRIPT