I sent a newsletter to my the SCOOP subscribers last week informing of the Heartbleed bug. For those who are not subscribed, you should do so now (in the bar above) because I send out exclusive updates that I do not share publicly. And even if I do decide to share it publicly, the public gets it much later and sometimes it may be too late especially if it has to do with online security, not to spook you or anything While at the time of this post, there are still some websites with the vulnerability open, the majority of big websites have had their systems patched. But I figure it is still a pretty relevant thing so decided to share this publicly on my blog.
Some of you may have heard of the Heartbleed bug. If you have not, you should be aware of it because it has affected millions of websites, many of which you may use (ie. including Yahoo, Flickr, ReverbNation, WikiSpace, etc.).
Before you start downloading the latest anti-virus software, hold on.
What is it?
It is a vulnerability in OpenSSL, an open source service that runs commonly on Linux servers responsible for SSL authentication. SSL is the process of encrypting sensitive information transferred between a website and your computer, and is generally validated through a 3rd party certificate authority such as VeriSign, GeoTrust or Comodo.
Basically, it is a bug that affects the websites you are using and not your computer so your desktop anti-virus software and malware scanners won’t do you any good.
What can I do to protect myself?
1. On mobile, manually log out of your apps, wait a few minutes and log back in. This would reset the authorization tokens that would allow someone to get into your account.
2. If a website requests that you change your password, do it. Most likely, they’ve been affected and has now just patched their system.
3. You can use this tool http://filippo.io/Heartbleed/ to check if one of the sites you use may be affected. If your own website has been affected, please contact your web team ASAP because your customers’ sensitive information is at risk.