What happens when there are gaps in Internet security? The relationship between the user and the server is at risk of losing encryption. Encryption protects our privacy, passwords, business emails, credit card numbers, and basically all of the information we have given through webpages.
Heartbleed bug threatens this security by leaving gaps in the OpenSSL software. This flaw exposes Internet memory and allows it to be read by anyone—without being detected. This bug has been in use since December 2011, and software packages have used this flawed version of OpenSSL on websites, apps, and other services since May 2012. This month, the Heartbleed Bug was first detected by a member of Google’s security team and by the software firm Condenomincon. This is good news because researchers located the problem before hackers did.
All sites that use OpenSSL software, like Yahoo, Airbnb, NASA, amongst others, are at risk. The bad news is that there is only so much you can do to recover or change what has already been exposed. For now, this OpenSSL flaw is the responsibility of Internet companies as they update their servers and take security actions. Companies have been sending warning emails to users, implementing patches to fix Heartbleed vulnerability on their severs, and making the decision to apply for new digital SSL certificates.
What can you do? First, check websites of use and read through this list to see if a provider you use has been affected and if they have updated to fix Heartbleed. You can also change your passwords and watch activity on sensitive online bank or email accounts as precautions.
While changes are progressing to fix the Heartbleed bug, it is still highly catastrophic because memory has already been compromised, and it is a difficult technical process to fix the gaps.