{"id":2238,"date":"2014-05-21T09:18:10","date_gmt":"2014-05-21T14:18:10","guid":{"rendered":"http:\/\/www.poweradmin.com\/blog\/?p=2238"},"modified":"2024-03-27T16:50:01","modified_gmt":"2024-03-27T21:50:01","slug":"heartbleed-bug-are-you-affected","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/heartbleed-bug-are-you-affected\/","title":{"rendered":"Heartbleed Bug \u2013 Are You Affected?"},"content":{"rendered":"

Are you affected by the Heartbleed Bug?<\/strong><\/span><\/h2>\n

\"PanicThe recent Heartbleed bug<\/a> has been dubbed the biggest security threat the internet has seen. The vulnerability affected a huge number of popular and<\/span> well-known websites and a large proportion of users ran the risk of having their sensitive account information exposed. Perhaps the most worrying thing is <\/span>the fact that the Heartbleed bug<\/a> has been quietly thieving in the background for the past two years.<\/span><\/p>\n

You\u2019re likely to be directly or indirectly affected by Heartbleed. The bad news for internet denizens is the unfortunate fact that there is very little to<\/span> be done. It\u2019s the responsibility of internet companies to upgrade servers and security protocols to combat this insidious threat. When those companies do <\/span>that however you\u2019ll have the opportunity to take action.<\/span><\/p>\n

Introducing the Heartbleed Bug<\/strong><\/span><\/h2>\n

Effectively the issue involves security certificates and encryption software called OpenSSL. This is an open-source set of libraries that serve to<\/span> encrypt online services and make websites \u2018secure\u2019. The HTTPs in the URL has an S that represents the word secure and this solution makes up 56% of<\/span> websites. Worryingly the Heartbleed bug affected half of that number and in theory, a cybercriminal could exploit networks by making requests that targets <\/span>users sensitive data.<\/span><\/p>\n

Funnily enough however there hasn\u2019t been any indication that hackers managed to exploit this before researchers at Google located the problem. So, the<\/span> Heartbleed bug didn\u2019t quite manifest in its worst possible instance; however, it could have. The scariest part is that hackers could have infiltrated a <\/span>number of big name websites and extracted any information they wanted.<\/span><\/p>\n

However there hasn\u2019t always been clear information on which sites were affected by the bug. Further to this, as the vulnerability also affects network<\/span> hardware such as routers, vendors too are on the clean-up case. That\u2019s still the case unfortunately but let\u2019s have a look at some things you could do to <\/span>avoid further data loss and retain your privacy online.<\/span><\/p>\n

Plan of attack<\/strong><\/span><\/h2>\n

If you fear that you\u2019ve been targeted and want to check, there\u2019s a handy online tool that can help. It\u2019s called the Heartbleed Checker<\/a> and it lets you enter a URL of any website to ascertain if its vulnerable to the bug and<\/span> whether or not the site has issued a security patch. Mashable has also provided a list of websites that were affected<\/a>. Information is key here and it\u2019s worth knowing <\/span>if your details have been exposed in order for you to take the necessary steps to protect your information.<\/span><\/p>\n

Users that discover their sites or sites that they use listed should immediately change passwords, especially for major accounts. Email, banking, and<\/span> social media logins are all vulnerable and you should make sure that you have new secure passwords<\/a>. Make sure that the site itself has <\/span>reissued digital certificates that might be vulnerable as if they haven\u2019t changing your password wont do much good.<\/span><\/p>\n

The main cause for concern is websites that have sensitive user information on them. Big social media sites and dating websites were all exposed, but the <\/span>good news is that most of those sites have released patches and updates \u2013 users should go and change passwords right now.<\/span><\/p>\n

Make sure that your favourite websites have updated their servers and negated the dangers of the Heartbleed bug before changing passwords. This is <\/span>especially true now that the bug has been named. Changing a password on an unsecure site is completely counter intuitive and ultimately pointless.<\/span><\/p>\n

There are exceptions<\/strong><\/span><\/h2>\n

It\u2019s not fair to say that every website using OpenSSL web servers was affected and it looks like Facebook, Twitter, WordPress, and Amazon all escaped<\/span> unscathed. Facebook and Google did release security patches, but it looks like that was merely preventative instead of necessary. There are some websites <\/span>that aren\u2019t considered in danger of the Heartbleed bug and some of those are AOL, Foursquare, and Evernote.<\/span><\/p>\n

Microsoft is also not vulnerable to the bug but again users should use the Heartbleed Checker mentioned above and make certain that their data is safe. If <\/span>in doubt, don\u2019t rely on sites to protect you, it\u2019s up to you so make sure that your information is out of harms way.<\/span><\/p>\n

The internet companies that were vulnerable to the bug have mostly patched their servers and users should change their passwords immediately. However this<\/span> is no guarantee that your information wasn\u2019t already stolen. Users can find some solace in the fact that it seems that hackers had no knowledge of the <\/span>exploit until recently.<\/span><\/p>\n

Most companies are advising customers to change their passwords as a precautionary measure. However also bear in mind that many security advisers have said <\/span>that changed a password before the situation is addressed is pointless, and it\u2019s been said that the clean-up could take many months.<\/span><\/p>\n

Passwords should be changed regularly<\/strong><\/span><\/h2>\n

It\u2019s a good lesson really and also a good practice to adopt \u2013 passwords should always be changed regularly. The other thing that many internet users do is<\/span> to have the same password on multiple accounts and if only one of those sites was vulnerable you\u2019ll have to change all of those passwords. Remember it\u2019s <\/span>bad practice to have the same password for more than one website.<\/span><\/p>\n

It seems then that what can be done is being done. Internet users only have the option of changing passwords in response to the insidious Heartbleed bug.<\/span> But there\u2019s an example here and internet users should be much more security orientated. Passwords should be original and used only on one online profile or<\/span> website; the best way to protect yourself using passwords is to use a password manager<\/a> to store and generate all<\/span> passwords for you.<\/span><\/p>\n

The Heartbleed Bug has revealed a number of problems with security online<\/a>. Proactive internet users should use this as an example of why good password and<\/span> security choices are a must. Check what websites were affected and alleviate the fear that it could happen again. Be smart online and make sure that your <\/span>passwords are different for all of your various logins and often disparate online prescience\u2019s.<\/span><\/p>\n

\u00a0<\/p>\n

\"Tweet<\/a><\/p>\n

\"Share<\/a><\/p>\n

Photo Credit: nate steiner<\/span><\/a> via Compfight<\/span><\/a> cc<\/span><\/a><\/span><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Are you affected by the Heartbleed Bug? The recent Heartbleed bug has been dubbed the biggest security threat the internet has seen. The vulnerability affected a huge number of popular and well-known websites and a large proportion of users ran the risk of having their sensitive account information exposed. Perhaps the most worrying thing is […]<\/p>\n","protected":false},"author":2,"featured_media":2233,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,13,6],"tags":[],"class_list":["post-2238","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general-it","category-pc-security","category-tech"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/2238","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=2238"}],"version-history":[{"count":5,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/2238\/revisions"}],"predecessor-version":[{"id":7326,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/2238\/revisions\/7326"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/2233"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=2238"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=2238"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=2238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}