So, is the Heartbleed Bug Fixed?
Have you been worried about the Heartbleed bug that scared the life out of the web industry last week? Well maybe it’s time to relax a little.
Well, if you have watched the news or been online since last week, you might have heard something about the latest and biggest internet threat to your privacy and online security — the Heartbleed bug.
The good news now though is that (at least) the top 1,000 sites on the Web are safe! All have confirmed that they have been updated, their certificates and keys recreated, and they’re now safe to use, although you will probably still need to change your passwords to be on the safe side.
The Heartbleed bug was and still is to some degree a vulnerability in one of the principal tools used to encrypt sensitive information stored on servers around the world. Information like usernames, passwords and financial information like credit card numbers and bank accounts.
Heartbleed attacks OpenSSL
The tool under attack is known as ‘OpenSSL’ and is used by over two-thirds of all web servers around the world to protect sensitive information on the internet.
Perhaps even more reassuring is that within the top 10,000 sites, only 53 were found to still to be vulnerable at time of writing, which should at least give us some comfort.
From our perspective however, we would still suggest that everyone, that means you! updates their passwords as soon as possible. Regardless of which website you use. Large or small. Credit card details or not. We would suggest that all passwords are updated.
For those not keeping up with this article, well, the Heartbleed bug emerged last week. It takes advantage of a gap in OpenSSL security, the security software used by about two-thirds of the sites on the Internet and this allows attackers to randomly pick off whatever data they need allowing them to impersonate a legitimate server and trick users into giving up their user names and passwords.
There will likely be significant fallout from the Heartbleed bug in the months to come, especially as the issues around the security breach are better understood. The internet though no stands still. As quickly as it’s fixed, the hackers are trying to open another back door.
For now, the issue may have been resolved, but it’s only a matter of time before it comes back around again.