Locals encouraged to change passwordsPublished 12:00am Friday, April 18, 2014
Locals are being warned this week to change their passwords in light of what is being deemed one of the Internet’s biggest security threats.
Heartbleed, which has been around for two years, has only recently been discovered.
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library, according to heartbleed.com.
“This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.
According to the website, the bug “allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and actual content.”
Many companies have since released patches, but information may still be vulnerable.
Popular websites such as Facebook and Gmail have been affected, and could have exposed account information such as passwords and credit card numbers over the last two years.
Robert Copeland of Copeland Computer Systems said it’s not always easy to discern which sites have been targeted.
“On secure sites, you will see the lock,” he said. “That indicates that it is secure, but for some who were using Open SSL, there was a hole that caused it to be unsecured.
“The way to fix the problem is to change your passwords,” he said. “There is no one-way to know what companies are using Open SSL. The companies have to publicly acknowledge it.”
Copeland suggested that anyone who has a question about whether a company he or she has used was breached to simply call them.
Some of the companies that were exposed to the bug have updated their servers by issuing a security patch.
Still, there is no guarantee that information hasn’t been compromised.