Technology, being man made is not perfect. A few days ago a big security flaw was discovered at the heart of the internet. This was believed to have opened risks to many users and companies. Which might have led to exposing users’ personal information and passwords to hackers for the past two years. But why Heartbleed? It was named Heartbleed, because it affects a SSL extension software programmers call Heartbeat. This affects anywhere from half a million to a billion websites.
Which websites were affected?
So what does this mean to an ordinary user who currently has accounts to different websites such as Facebook, Gmail, Youtube and Paypal. Are these websites safe to use? Mashable has a list of websites that were possible victims. The list includes Facebook and Gmail. It turns out that they both and many other websites have applied patches to the problems. Google explained in their blog last April 9 that
We’ve assessed this vulnerability and applied patches to key Google services such as Search, Gmail, YouTube, Wallet, Play, Apps, App Engine, AdWords, DoubleClick, Maps, Maps Engine and Earth. Google Chrome and Chrome OS are not affected. We are still working to patch some other Google services. We regularly and proactively look for vulnerabilities like this — and encourage others to report them — so that that we can fix software flaws before they are exploited.
In case you did not find your website there, you can go to LastPass to check other websites.
What should I do now?
For many web sites, you should change your passwords. But you should first wait until you get confirmation from the website admin that the bug has been patched. It’s a natural reaction to change all of your passwords immediately. This is because if the bug has not been fixed yet, changing your passwords will be useless. It’s like you’re just giving an attacker your new password.
For more information regarding Heartbleed, you can visit the website at http://heartbleed.com/