NOTE: You may notice that this post is different. The site unexpectedly crashed this evening and of course everything except this post was recovered :p Big Thanks to the GoDaddy team for all their help. I tried to at least recapture the important parts but apologize for anything I may have missed. If nothing else, the gifs are here! 🙂
THE HEARTBLEED BUG IS IMPORTANT AND DESERVES YOUR FULL ATTENTION BECAUSE IT AFFECTS YOU!
SHARE THE KNOWLEDGE WITH THOSE AROUND YOU.
Short Story:
- The Heartbleed bug affects anyone and everyone who uses the Internet.
- Websites & mobile apps are taking steps to patch the bug but YOU still need to update your passwords after the website applies the patch for each and every site.
Background:
When using the Internet, sometimes you need to send important information that is private and/or sensitive. Information like your password, address, credit card numbers, SSN, etc. The kind of information that you do not want just anyone seeing. This type of information should always be sent over HTTPS which is not the same as HTTP. HTTPS has an additional Secure-Socket Layer (SSL) that encrypts the information sent and received. Regular HTTP simply sends the information without any encryption. For example, if my password is “39#y2nl+0” here is how it will be sent:
HTTP: 39#y2nl+0
HTTPS: *********
Do you see the difference? HTTPS & SSL protect your information and prevents hackers from discovering your information.
Long Story:
The Heartbleed bug is a software bug that affects OpenSSL, a form of SSL. The bug allows hackers to retrieve from the memory of the host computer (usually the websites & their servers), private & sensitive information. Mobile apps and sites which use OpenSSL are affected by the Heartbleed bug and include Google apps, Facebook, Tumblr, Yahoo, Youtube, OKCupid, Netflix, GoDaddy, Gmail, Google, Instagram, Pinterest, Dropbox, and many more. Many of these sites have already applied a patch (a software fix) once the bug was discovered and are now okay. But as someone who uses an affected site, you need to update your password after the site has been patched.
Think of it like this. Let's say a hacker was able to get your information from one of those affected websites. They can then use that information to learn more about you from the other websites. And with just the right information, a hacker could easily steal your identity and/or credit card. The email you use on a social network could lead them to getting into your email and stealing your private information and using what they find to get your credit card numbers from a service/shopping site and then use all of that combined to run up your credit card and/or steal your identity. Oh just a thought but if they do get into your email, then they now have access to all of your contacts and their personal information, right?
The question you have to ask yourself is this:
Do I want to spend 30 minutes updating my password for each website/email/social network that was affected? Or…..Do I want to spend months maybe years disputing false charges on your credit cards or trying to fix your credit report?
I know what I choose.
Bottom Line: Don't take this lightly. Update your passwords on all of your affected email accounts, websites, mobile apps, and social networks after they have been patched.
Do your homework. LastPass has put together a website checker that will tell you if a site has been affected and its current status. CNET, MASHABLE, and Digital Trends have put together lists of sites that have been affected and if they have been patched.
And for more information on the Heartbleed bug, here's a handy link to Google.
Things You Ought To Know: The Heartbleed Bug affects you.