Just when you think you only have to worry about the government bugging you, along comes the Heartbleed bug. I don’t know about you, but I went ahead and changed some of my passwords on such sites as Google, Amazon and a couple of others. Anyhow, here’s more information on what’s happening if you having already heard.
A massive security flaw exposed on websites could put at risk your private information, such as credit card numbers and other data.
Researchers uncovered the vulnerability in a Web security measure known as OpenSSL. Websites that have a lock next to the URL typically indicate that the site is encrypted and that third parties will not be able to read or receive the information you send. But the Heartbleed bug potentially could break the encryption and expose users’ personal information.
Researchers believe that up to two-thirds of websites could be affected. Google, Facebook, and Yahoo! recently confirmed that they had been affected and said they were applying fixes to their systems, The New York Times reports.
Administrators to websites are upgrading their software and applying added protections from Heartbleed. Still, security experts are advising consumers to change their passwords at any site that holds their sensitive data.
But beware: “Changing your passwords before sites were patched could simply lead to re-exposure,” says Bruce Schneier, a cryptographer and security consultant who discovered the OpenSSL flaw on his own site. He urges people to find out if the sites they use have fixed the problem — or if they were ever at risk — before changing their passwords.
The company LastPass has set up a “Heartbleed test” for consumers to check specific sites to see whether they are safe from the bug.
Companies will likely begin contacting customers soon about resetting passwords, but Brian Krebs, a security researcher, says consumers may want to be proactive in changing passwords now even if it means they may need to do it again later.
Source: “Flaw Calls for Altering Passwords, Experts Say,” The New York Times (April 9, 2014) and “The Heartbleed Bug, Explained,” Vox.com (April 8, 2014)
Help me keep this website going
Call today for buying or selling real estate
John J. O’Dell Realtor® GRI
O’Dell Realty
(530) 263-1091
Email John
BRE#00669941