heartbleed thumbnail

Is Your Web Security at Risk?

heartbleedAs several news outlets have been reporting this week, a serious bug, Heartbleed, was discovered. The bug affects OpenSSL, which, according to NPR, is "a popular cryptographic library that is used to secure a huge chunk of the Internet's traffic. Even if you have never heard of OpenSSL, chances are, it's helped secure your data in some way.”

A large number of websites (about two-thirds, according to the Associated Press) use OpenSSL and the Heartbleed bug allows the attacker to get access to the websites’ encryption keys that keep your communications with the companies private. This would allow attackers to get access to passwords and credit card numbers, among other things.

NPR breaks down the Heartbleed threat, pointing out a number of important facts:

  • There is no way of knowing which websites use OpenSSL, as businesses of all sizes use it, and whether or not they use it isn’t advertised.
  • The bug has existed since March 2012, so two years’ worth of communications could potentially be stolen.
  • There is no real way to protect oneself, aside from changing passwords and avoiding open Wi-Fi networks.

The New York Times advises web users to wait a day or so before changing passwords on their websites, suggesting, “immediately changing passwords could feed a new password into a website that has not fixed the flaw.”

According to the New York Times, web users will have to sit tight at the moment and wait for individual websites to announce whether or not they have addressed the flaw. 

Posted by Jamie Friedlander on Apr 09, 2014

  • How COVID-19 Has Revolutionized Aviation Security Let's Talk Sports Security

    In this episode of SecurPod, Ralph C. Jensen and Fred Burton discuss security tactics at sporting events, from dealing with unruly fans to coordination between the home and visitors' teams to identifying potential stalkers. We also talk about the logistics of re-opening mass-attendance venues in the wake of the COVID-19 pandemic.

Digital Edition

  • Security Today Magazine - July August 2021

    July August 2021


    • Tee Up the Security
    • Listen Clearly
    • Turning to the Cloud
    • COVID-19 The Final Push
    • Redefining Security

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety