Take advantage of our commitment to Fanatical Service, enhance your Peace of Mind and get Fully Managed®.
The recent media attention to a security vulnerability called Heartbleed, has got a lot of people asking, "What is Heartbleed?" and "Am I at risk?"
The short answer is not likely. This is a security hole in software, not a traditional virus and the bug is far more likely to impact non-Windows equipment (Unix servers, Linux servers etc.) than your work or home equipment.
That said, it's estimated that 66% of websites on the internet may be impacted by this security hole and you may have noticed that several sites have publicly advised users to change their passwords. Some notable examples include Yahoo, Gmail, Imgur, OKCupid, Eventbrite and many others. In order to be safe, you should change your passwords on pretty much most of the websites you may use.
Concerned about having to memorize more passwords? I am personally a big fan of Lastpass. It's password management tool that makes it easier to have secure passwords for all your websites, without having to memorize or even know them at all.
Please note if you don't care about the technical background you can stop reading here.
Heartbleed is a coding bug in a specific version of the OpenSSL library. What this bug ends up allowing for is for "hackers" to go fishing at random in to the server's memory. A specialized packet request sent to a server, with this bug, will trick the server in to revealing a small chunk of its memory. This potentially could allow a "hacker" to reveal a private encryption key thereby compromising the encrypted communication between two systems and allowing unauthorized access to passwords or other sensitive data.