Unless you’ve been living under a digital rock for the past week, you’ve most likely heard about the Heartbleed bug. Slews of headlines and articles have popped up on almost every major reporting site since then.
Just how bad is this bug? It’s been dubbed “one of the biggest, most widespread vulnerabilities in the history of the modern web” (mashable.com), if that helps measure the significance of its threat.
So, what is Heartbleed? We’ll start at the top…
When you send private information, like your credit card number, to another person or server, it’s protected, a.k.a. encrypted. Encryption is a type of secret language between you and that server and the Internet has developed strict protocols to handle this system of security.
These protocols also have solutions so tons of web and email services, instant messengers, routers and apps can implement and use them. One of those solutions is referred to as OpenSSL (where the Heartbleed vulnerability lies);, according to Mashable, “[it] runs on 66% of the web.” That’s a LOT of real estate. Yikes!
Heartbleed, at its core, is the hole in the secret language/keys between you and the server, and allows a hacker to access those secret keys, discretely eavesdrop on your online conversations and save your private information. Scary, right?
So, how do you protect yourself from this threat? Well, it’s complicated and it’s a lot more technical than the average Internet user can/should understand. You can start, however, by changing your passwords for the sites that were affected by Heartbleed.
We’ve created a checklist for you here:
Safe surfing!