Unless you’ve been hiding in a hole or away on holiday you can’t have missed the big panic being caused by the HeartBleed Bug.
So what is all the fuss about and should you be worried?
HeartBleed – What Happened
This week it was discovered that the encryption the internet uses for protecting our data often symbolised by a padlock is not as secure as we all thought. Worse still it’s been estimated that around two thirds of the internet could be affected.
While many are urging internet users to change all their password right away the article How to Protect Yourself Against the HeartBleed Bug on the Time magazine website had some very sensible advice.
Don’t Panic
Yes it’s a serious security breech and you need to be vigilant, but as the article points out running around changing all your passwords like crazy could be a big mistake.
This is not your run of mill security breach, no one has broken in and downloaded data rather the HeartBleed bug lets attackers grab information in small data chunks as it’s flowing through a server.
Until the security breach has been closed the door remains open for data to be stolen if you change your password on a site that hasn’t been fixed yet you could be putting your data at greater risk!
Changing & Checking
If a site has asked you to change your password then it most likely has been fixed and so it’s a good idea to change to a new secure password asap.
If you are unsure or want to change passwords on site where you haven’t been contacted you can test the site to see if it’s been updated by visiting:
Test your server for Heartbleed (CVE-2014-0160)
Ultimately you should plan to update all your passwords and make the assumption that most sites will at some time have been open to the bug.
It is going to take time to fix the situation, but everyone is working hard to get things secure. In the meantime be on your guard and protect your data!