Good news is the open-source SSL encryption software the bug affects has already been updated with a new, secure version.
Friday, April 11, 2014: Even as the highly toxic Heartbleed bug leaves countless databases all over the globe open and exposed, you might be considering changing your password as the one clear choice for saving all that is left of the online you. However, take note, simply changing your password won’t do you any good. Shocked? Panicked? Well, don’t be! There’s a way out, it’s called keeping your eyes and ears opened!
The Heartbleed bug has left quite a few of your favourite websites (including Google, Flickr and Steam) running for cover, however, the bug in question is a tough cookie to crack: simply changing the password is not enough to get rid of the same. What makes it so lethal and hard to remove is the fact that Heartbleed isn’t your everyday database leak or a list of plaintext logins but a flaw in one of the web’s most prevalent security protocols. While updating your password might be ideal in all probability, until the time affected websites patch their servers to block the exploit, password changes won’t just be enough.
Good news is the open-source SSL encryption software the bug affects has already been updated with a new, secure version. Websites only need to upgrade hereon to the latest version of Open-SSL to protect their users. Companies like Google have already done the same, while others are following suite. Users must be aware of which websites were vulnerable and check them to see if they’re patched, safe and sound. It must be noted that GitHub and Mashable have compiled lists of popular websites, services and social networks, much to the relief of the users, noting if they were affected and in some cases, even if they’ve been patched.
The newly discovered Heartbleed Bug affects some older versions of common internet encryption software. Upon infection, the Bug could lets hackers get hold of both a website’s secure content as well as the encryption keys that protect that content. An attacker could both obtain your private and supposed secure information from a given website in the aftermath as also impersonate the same. The Bug has been in the wild for almost two years now, claim researchers. Therefore, the probability that some of the online data is already at risk cannot be negated. Although an updated software has been built to counter the Bug, many believe the scale of it could leave significant amount of data open to theft for a long time to come before full recovery.
Saurabh Singh, EFYTIMES News Network