The Internet is abuzz with news about the Heartbleed bug, a vulnerability in the encryption technology that protects email, e-commerce, online banking, and other internet communications. The bug allows attackers to access confidential encrypted data and steal the encryption keys used to secure it. At-risk websites include any system running OpenSSL encryption, such as Amazon, Yahoo, and Eventbrite, the site through which OCU runs its performing arts ticket office.
Thankfully, many sites, including Facebook and Google, have already rolled out fixes for the bug. Unfortunately, though, there’s no solution for individual web surfers. “There is nothing users can do to fix their computers,” said Mikko Hypponen, chief research officer with Helsinki security software company F-Secure. “They have to rely on the administrators of the websites they use.”
However, certain steps can be taken to prevent valuable personal information from being stolen. While changing your passwords won’t help if the sites you’re on are still vulnerable, it doesn’t hurt to do so, and you should keep abreast of any notifications from site operators prompting you to do so again. To avoid phishing, double-check web addresses – particularly links included in emails – to ensure that you’re sticking to official domains. Most importantly, if you’re an online shopper, keep a close eye on your bank account.
For a more detailed explanation of exactly how the Heartbleed bug functions, click here. There’s also a handy test, located here, that checks URLs for vulnerability. Above all, stay vigilant, and be wary of where you’re sending your information.
Leave a Reply