Hert Bleed: what can we do?

04/10/2014 13:37

This Tuesday, April 8th, network security researchers announced a startling vulnerability in Open SSL, the encryption program that secures about 2/3 of websites. This vulnerability looks to have been around for approximately 2 years and a patch has been released to fix it.

As internet users, what can we do? For now test and avoid. This bug generally affects Linux web servers on the internet, not our business or home computers that run Windows. As such, we are at the mercy of the website administrators to patch their software.

The best we can do is test the sites that we use, and avoid logging into or doing transactions on sites that are still vulnerable. http://filippo.io/Heartbleed is a site that allows testing of other websites for this bug and we recommend that you use this on websites before typing in any information.

Once sites have been updated to fix this issue, we highly recommend that you change your passwords.

 

Here are a few good articles that go more in depth on this issue:

http://www.businessinsider.com/heartbleed-bug-explainer-2014-4

http://heartbleed.com/

http://hosted.ap.org/dynamic/stories/U/US_TEC_INTERNET_SECURITY_THREAT_QA?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT

 

www.sagecomputer.com/blog/entry/heart-bleed-what-can-we-do.html