TECHNOLOGY TIPS – SOME DETAILS ABOUT THE HEARTBLEED VULNERABILITY

/in /by
TECHNOLOGY TIPS – SOME DETAILS ABOUT THE HEARTBLEED VULNERABILITY

It’s been in the news since it first came out and it’s called Heartbleed. This vulnerability has been in the news for several days now and it impacts everyone.

Essentially what has happened is that there is a software used by many of our providers that encrypts information to protect it. When you log into your bank account for example the website would read https://www.chase.com. The "s" on the URL address means that it should be secure and cannot be compromised (aka "hacked" or stolen). The underlying software that provides this security is called OpenSSL. This software is what had the leak in it. It’s called Heartbleed because the extension that was vulnerable was called "heartbeat."

The thing to remember is that this is a security error and not a virus. At this point no one really knows the level of damage done. The error has been in existence for over two years. Since no one really knows if the flaw was discovered by hackers you’ll want to read all email from your service providers (banks credit cards ISP provider). Most of these companies have already updated the OpenSSL software to correct the problem so be on the lookout for these emails to verify that you are safe.

In the meantime change your passwords. This is not going to change much of the problem if the site you’re visiting has not installed the security patch. What you can do is change your passwords and then in about a week change them again. This is a frustrating time for everyone but security is what is of the utmost importance. I’m a Firefox user and know that there is an add-on which you can use. It will check the vulnerability of a site by providing you with either a green or red light.

Finally the most important is to continue checking your most frequently visited websites for updates. It turns out that the security breach is also something that could effect your router. Be sure to talk to Comcast RCN AT&T or whoever you use so that you can verify that you are protected. There are going to be some people who will try to capitalize on this situation. Do not willingly give out any personal information unless you have initiated contact with your provider.

CATHY MALLERS & DEAN’S TEAM CHICAGO

Posted: Monday April 14 2014 7:42 AM by Dean’s Team

Filed under: