Neon Tommy - Annenberg digital news

Protect Your Passwords From The Heartbleed Bug

Eric Parra |
April 8, 2014 | 8:01 p.m. PDT

Tech Editor

Editor's note: The original headline reflected that the Heartbleed bug was a virus and that updating your anti-virus could protect you. While it is good to have an up-to-date anti-virus program, it will not be effective against the bug. Your best bet is to change all of your passwords and stay away from suspicious sites.

The Heartbleed bug can allow users to steal your passwords. Many security sites recommend using a password manager (wikimedia/creativecommons)
The Heartbleed bug can allow users to steal your passwords. Many security sites recommend using a password manager (wikimedia/creativecommons)

If you thought your computer and passwords were safe, you should probably check again. The “heartbleed” bug has recently gained some notoriety as it's been found leaving many major websites vulnerable to hackers.  Experts are currently considering it to be one of the most serious security flaws uncovered in recent history.

From Reuters:

“The finding of the so-called "Heartbleed" vulnerability, by researchers with Google Inc and a small security firm Codenomicon, prompted the U.S. government's Department of Homeland Security to advise businesses on Tuesday to review their servers to see if they were using vulnerable versions a type of software known as OpenSSL.

It said updates are already available to address the vulnerability in OpenSSL, which could enable remote attackers to access sensitive data including passwords and secret keys that can decode traffic as it travels across the Internet.”

The security firm, Codenomicon, has gone on to test their own services by attacking themselves from the outside to ensure safety for their site and services.  Security experts  say that the bug has actually been in existence for the past two years and victims cannot tell if their data has been accessed from anytime during that period.

There is an estimation that hundreds of thousands of web and email servers that may need to be patched to protect themselves from hackers utilizing the bug. Among the sites that have been patched and protected are: Yahoo Mail, Yahoo Search, Flickr, and Tumblr, but many more should be also be patched.

For an expansive and updating list on which sites may be affect by the bug, you can check digital trends here. For ways to protect yourself from the bug, check CNET and The Atlantic.

You can find more information from a website built by Codenomicon in order to provide more details on the threat at heartbleed.com.

Read the full story here.

Reach Tech Editor Eric Parra here.



 

Live On Twitter

Buzz

There's still time to see The Autry's "Road and the Romance" exhibit before it closes on Jan. 4.

While the Ahmanson delivers a fabulous production, it isn't enough to save this weak script.

 

ntrandomness