heartbleed thumbnail

Is Your Web Security at Risk?

heartbleedAs several news outlets have been reporting this week, a serious bug, Heartbleed, was discovered. The bug affects OpenSSL, which, according to NPR, is "a popular cryptographic library that is used to secure a huge chunk of the Internet's traffic. Even if you have never heard of OpenSSL, chances are, it's helped secure your data in some way.”

A large number of websites (about two-thirds, according to the Associated Press) use OpenSSL and the Heartbleed bug allows the attacker to get access to the websites’ encryption keys that keep your communications with the companies private. This would allow attackers to get access to passwords and credit card numbers, among other things.

NPR breaks down the Heartbleed threat, pointing out a number of important facts:

  • There is no way of knowing which websites use OpenSSL, as businesses of all sizes use it, and whether or not they use it isn’t advertised.
  • The bug has existed since March 2012, so two years’ worth of communications could potentially be stolen.
  • There is no real way to protect oneself, aside from changing passwords and avoiding open Wi-Fi networks.

The New York Times advises web users to wait a day or so before changing passwords on their websites, suggesting, “immediately changing passwords could feed a new password into a website that has not fixed the flaw.”

According to the New York Times, web users will have to sit tight at the moment and wait for individual websites to announce whether or not they have addressed the flaw. 

Posted by Jamie Friedlander on Apr 09, 2014


  • Securing Entertainment Venues Securing Entertainment Venues

    One thing entertainment venues, sports stadiums and theme park officials want to accomplish is getting people back into their seats. That is happening today—but not without understanding and technology. In this episode, AJ DeRosa shares his insight on how COVID-impacted businesses are able to face safety and security issues with confidence and technology. We also discuss visitor expectations and how venue officials can ensure their space is secure as they welcome visitors back.

Digital Edition

  • Security Today Magazine - November December 2021

    November / December 2021

    Featuring:

    • Navigating System Integration
    • Protecting Premises and People
    • Cashing in Your VMS System
    • Encryption and Compliance
    • Security Breach at 38,000 Feet

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety