Click to Skip Ad
Closing in...

What to do about Heartbleed, the massive security bug that affects us all

Published Apr 9th, 2014 10:04AM EDT
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Heartbleed is a scary, scary bug. Without getting into the technical aspects of this recently discovered security hole, it’s an issue with OpenSSL, the security protocol used to encrypt web traffic. How vast is this gaping security hole? According to experts, about 66% of the entire Internet is impacted by Heartbleed.

It sounds terrifying… and it is.

The Wire put together a great comprehensive post explaining what the vulnerability is and how it works, but the most important thing to know is what you should do about it. And unfortunately, for the time being, options are pretty limited and ineffective.

Because this bug exists on numerous hugely popular websites such as Yahoo, Tumblr, OKCupid and Flickr, millions of usernames and passwords may have been exposed as a result of the vulnerability. This also means that until all of these companies update their websites with a new version of OpenSSL that fixes the bug, users will continue to be at risk.

In the meantime though, there are some steps you can take.

First off, check out this GutHub page for a list of big websites that are or were vulnerable. If you have accounts on any of those sites, change your password immediately. If you use the same password on other sites, change those passwords immediately as well — preferably to something different (everyone should be using a solution like 1password at this point).

Then, sadly, all we can do is wait. Change your password frequently on sites that are known to be exposed until you confirm that they have updated OpenSSL.

For more, check out The Wire’s post, which is linked below in our source section.

Zach Epstein Executive Editor

Zach Epstein has been the Executive Editor at BGR for more than 15 years. He manages BGR’s editorial team and ensures that best practices are adhered to. He also oversees the Ecommerce team and directs the daily flow of all content. Zach first joined BGR in 2007 as a Staff Writer covering business, technology, and entertainment.

His work has been quoted by countless top news organizations, and he was recently named one of the world's top 10 “power mobile influencers” by Forbes. Prior to BGR, Zach worked as an executive in marketing and business development with two private telcos.