Listen Live on  
 

1075 The River

Nashville: Live Life. Love Music.
 
 

Woody and Jim

The worst internet attack struck and you may have to change your passwords!

 

A huge number of popular websites were attacked by the "heartbleed bug" and you may need to change your passwords.

Here's what the experts say:

Heartbleed Is A Flaw In Openssl, The Open-Source Encryption Standard Used By The Majority Of Websites That Need To Transmit The Data That Users Want To Keep Secure. It Basically Gives You A Secure Line When You’Re Sending An Email Or Chatting On Im.
Encryption Works By Making It So That Data Being Sent Looks Like Nonsense To Anyone But The Intended Recipient.
Occasionally, One Computer Might Want To Check That There’S Still A Computer At The End Of Its Secure Connection, And It Will Send Out What’S Known As A Heartbeat, A Small Packet Of Data That Asks For A Response.
Because Of A Programming Error In The Implementation Of Openssl, The Researchers Found That It Was Possible To Send A Well-Disguised Packet Of Data That Looked Like One Of These Heartbeats To Trick The Computer At The Other End Into Sending Data Stored In Its Memory.

- source (Business Insider)

What?  Huh? Basically, you may have to change your passwords. But a simple password chang won't work unless the site has fixed itself with a patch.

C|Net posted a list of the big websites and whether they fixed it. Here's a part of the list (link to the entire list below):

SiteQualysConfirmation from site
Google Pass Vulnerability patched. Password change recommended
Facebook Pass Vulnerability patched. Password change recommended
Instagram Pass Vulnerability patched. Password change recommended
YouTube Pass Vulnerability patched. Password change recommended
Yahoo! Pass Vulnerability patched. Password change recommended
Amazon Pass Awaiting response
Wikipedia Pass Vulnerability patched. Password change recommended
LinkedIn Pass Was not vulnerable

eBay

Pass Was not vulnerable

 For the rest of the list, go to C\Net.

So here's the deal. If they patched their site, change your password. If they haven't patched it. Don't go there until they have. Then change your password.

 

 Go here to check on any individual website.

You can also get more info at this link given to us by a tech guy. 

 

Recommended Stories

More from 1075 The River

*