warning Hi, we've moved to USCANNENBERGMEDIA.COM. Visit us there!

Neon Tommy - Annenberg digital news

Technology

Protect Your Passwords From The Heartbleed Bug

Comments (16)
| bug, codenomicon, computer, glitch, Google, hack, hacker, hackers, heart, heatbleed, Mac, mail, openssl, pc, program, software, ssl, Technology, virus, vulnerable, yahoo
Eric Parra |
April 8, 2014 | 8:01 p.m. PDT

Tech Editor

Editor's note: The original headline reflected that the Heartbleed bug was a virus and that updating your anti-virus could protect you. While it is good to have an up-to-date anti-virus program, it will not be effective against the bug. Your best bet is to change all of your passwords and stay away from suspicious sites.

The Heartbleed bug can allow users to steal your passwords. Many security sites recommend using a password manager (wikimedia/creativecommons)
The Heartbleed bug can allow users to steal your passwords. Many security sites recommend using a password manager (wikimedia/creativecommons)

If you thought your computer and passwords were safe, you should probably check again. The “heartbleed” bug has recently gained some notoriety as it's been found leaving many major websites vulnerable to hackers.  Experts are currently considering it to be one of the most serious security flaws uncovered in recent history.

From Reuters:

“The finding of the so-called "Heartbleed" vulnerability, by researchers with Google Inc and a small security firm Codenomicon, prompted the U.S. government's Department of Homeland Security to advise businesses on Tuesday to review their servers to see if they were using vulnerable versions a type of software known as OpenSSL.

It said updates are already available to address the vulnerability in OpenSSL, which could enable remote attackers to access sensitive data including passwords and secret keys that can decode traffic as it travels across the Internet.”

The security firm, Codenomicon, has gone on to test their own services by attacking themselves from the outside to ensure safety for their site and services.  Security experts  say that the bug has actually been in existence for the past two years and victims cannot tell if their data has been accessed from anytime during that period.

There is an estimation that hundreds of thousands of web and email servers that may need to be patched to protect themselves from hackers utilizing the bug. Among the sites that have been patched and protected are: Yahoo Mail, Yahoo Search, Flickr, and Tumblr, but many more should be also be patched.

For an expansive and updating list on which sites may be affect by the bug, you can check digital trends here. For ways to protect yourself from the bug, check CNET and The Atlantic.

You can find more information from a website built by Codenomicon in order to provide more details on the threat at heartbleed.com.

Read the full story here.

Reach Tech Editor Eric Parra here.



 

Buzz

Film Review: 'The Finest Hours'

Craig Gillespie directed this true story about "the most daring rescue mission in the history of the U.S. Coast Guard.”

LIVE State of the Union Recap And Analysis

Watch USC Annenberg Media's live State of the Union recap and analysis here.

 
ntrandomness