This past week the Heartbleed Bug has been hitting the headlines. It’s a bug which affects Open SLL Software.
What is Open SLL Software?
Open SLL (Secure Sockets Layer) is an open source software. Open Source software is code which can be modified because it is publicly accessible. The Open SLL software is designed to encrypt communications between your computer and a web server. It’s kind of like a secret handshake between the two. This software is used on about two thirds of all websites and is one of the most widely used encryption tools on the internet. If you see a little padlock icon in your browser, then it’s likely you are using SLL.
What is the Heartbleed Bug?
This bug was named because it affects an extension to SLL which engineers dub the Heatbeat and it’s thought that it affects over half a million sites worldwide.
In his blog chief technology officer of Co3 Systems Bruce Schneier said: “The Heartbleed bug allows anyone to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the name and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users.”
What does this mean to you?
Time to change your passwords! The affected sites have updated their systems to address the vulnerability, but you can never be to safe, especially in this digital age with so much of our personal data online.
From the research we’ve done, we’d recommend changing the following site passwords (if you use them):
- Google (although Google says it isn’t necessary, but security experts suggest doing it anyway) – this includes your Gmail account
- Instagram (still to be confirmed)
Sites you probably do not need to change include:
- Microsoft/Xbox Accounts
What do you need to do?
Take ten minutes to start changing your password. Then share this with your friends and family so they can ensure their personal data is secure. Read here for tips on How to Create A Strong Password.
Sources: http://www.bbc.com/news/technology-26969629, http://www.dailymail.co.uk/sciencetech/article-2601379/Will-changing-password-really-protect-Heartbleed.html, http://en.wikipedia.org/wiki/Heartbleed