heartbleed thumbnail

Is Your Web Security at Risk?

heartbleedAs several news outlets have been reporting this week, a serious bug, Heartbleed, was discovered. The bug affects OpenSSL, which, according to NPR, is "a popular cryptographic library that is used to secure a huge chunk of the Internet's traffic. Even if you have never heard of OpenSSL, chances are, it's helped secure your data in some way.”

A large number of websites (about two-thirds, according to the Associated Press) use OpenSSL and the Heartbleed bug allows the attacker to get access to the websites’ encryption keys that keep your communications with the companies private. This would allow attackers to get access to passwords and credit card numbers, among other things.

NPR breaks down the Heartbleed threat, pointing out a number of important facts:

  • There is no way of knowing which websites use OpenSSL, as businesses of all sizes use it, and whether or not they use it isn’t advertised.
  • The bug has existed since March 2012, so two years’ worth of communications could potentially be stolen.
  • There is no real way to protect oneself, aside from changing passwords and avoiding open Wi-Fi networks.

The New York Times advises web users to wait a day or so before changing passwords on their websites, suggesting, “immediately changing passwords could feed a new password into a website that has not fixed the flaw.”

According to the New York Times, web users will have to sit tight at the moment and wait for individual websites to announce whether or not they have addressed the flaw. 

Posted by Jamie Friedlander on Apr 09, 2014

  • Fresh Security Perspective from AMAG’s New Sales Director A Fresh Perspective on Security

    Fred Nelson may be new to the security industry but his sales and leadership methods are time tested, and true. Fred joined AMAG only a few months ago, but brings with him a wealth of experience in sales and life balance solutions. This year is off to a good start for AMAG with new solutions on the horizon.

Digital Edition

  • Security Today Magazine - April 2022

    April 2022


    • Similarities at Data Centers and Airports
    • Transitioning to the Cloud
    • Going High Tech
    • The Benefits of On-site Security
    • Optimizing Store Layouts

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety