Staying aware of things is always the best advice for anyone who connects her/his computer to the internet. We were really made aware of this over the past week with the announcement of the Heartbleed bug. It’s scary stuff, especially when you think of how long it has been in existence and how we’ve come so accustomed to relying on the supposedly secure connection between your computer and the website that you’re visiting.
At the bottom of the wikipedia article linked to above, you’ll find a list of websites that have been affected. The common sense approach would be to change your password on those sites – once they are patched.
Other articles offering advice include:
- Change Your Passwords For These 15 Heartbleed-Vulnerable Sites ASAP
- The Heartbleed Hit List: The Passwords You Need to Change Right Now
A really good resource for all things Heartbleed:
Today’s Naked Security Podcast offers an audio insight into what’s going on:
Users of LastPass have a built-in bit of confidence. Just head to the Tools menu and run a Security Check. All of the sites that you have saved in this utility are checked. You’ll determine if the site has been patched or not, along with a recommendation to get over there and change your password if the site is ready to go.
Or, if you’re not using LastPass, they offer
And, for the truly concerned browser, the Chromebleed extension keeps an eye on the sites that you browse to and warns you before you visit.
This issue is going to take a while to resolve. I read one report that indicated that 66% of the web could be at risk. That’s a scary thing. In the meantime, it’s a good idea to do some research and stay on top of what’s happening.
For the really technical minded, read some code.
And, if that’s too deep, take it in as only XKCD can describe it.