Online marketers, website owners and Internet users have been on edge these past several days because of the so-called Heartbleed Bug. Many of you may be panicking over the security of your information, but before you reach any conclusions, I’d like to share with you a few things you need to know about the Internet’s latest threat that can clarify any misconceptions you may have.
It’s Not a Virus
You may have thought that because of its name, the Heartbleed bug is a virus, malware, or some other form of invasive program. Heartbleed is not a virus. It is vulnerability in specific versions of OpenSSL caused by a flaw in its coding. While your usual security protocol protects your conversations successfully, the Heartbleed Bug leaves this conversation open for eavesdropping.
Not Every Online Service is Affected
Yes, it’s true that websites aren’t the only online properties affected by this coding flaw. This bug also affects online servers, networks, and cloud services. But before you go on panicking, you have to remember that this only affects versions 1.0.1 through 1.0.1f of OpenSSL, and not everyone uses this.
You will have received a notification email from your service providers by now about Heartbleed. Some of the biggest names you’ll recognize, like Facebook, Tumblr, and Pinterest, were found to be vulnerable, and have already asked their users to change their password after patching the vulnerability. However, many banks, ecommerce sites, networks and other online services don’t use OpenSSL, which means your information may not necessarily be at risk.
Mobile is Affected Too
The good thing about Android and iOS platforms is that they’re both not susceptible to this coding flaw. There is one exception for Android, though – 4.1.1. Google announced that they will be releasing a patch to fix this problem.
If you’re using other mobile phones running on different operating systems, though – such as Blackberry – you might want to consider changing your pins and passwords. Blackberry in particular admitted that BBM was susceptible to Heartbleed because it uses one of the versions of OpenSSL with the said flaw.
Once You’re Patched, You’re Safe
This isn’t necessarily true. If your site was one of those affected by the Heartbleed bug, you might still need to change a few things to ensure your security. It’s possible that information was leaked already during the time your site was affected, and because it leaves no trace, there’s no way for you to know if someone already has your information.
You should change all of your passwords once you’ve fixed your site. You also need to revoke the security certificates of third-party providers you have that are vulnerable and get a new security certificate before you start using them again.
Talk to us today to find out more about this bug, and find out how it can affect your business online. We’d be glad to help.
Latest posts by Clayton Wood (see all)
- 5 Year Anniversary In The Philippines: My List Of Influencers - July 22, 2014
- TrueLogic Executives Speak at the Financial Times Digital Learning Week - July 16, 2014
- Google Rolls Out Panda 4.0 - May 21, 2014