Update to the Heartbleed SSL Security Vulnerability
Well, it’s been about a month since the Heartbleed Security Vulnerability was found. What happened?
The world ended…
No, just kidding! Lots of people got woken up to the fact that security is actually important!
It’s really is amazing that so much time and money gets put into how a program looks, and yet next to nothing gets put into how secure it is.
But that’s just human nature. We value “looks” over “security.” Look at how people treat each other. If a person looks good, the studies show that we will judge them to be “more trustworthy” than a person who isn’t. Just because of their looks!
But I digress.
Most sites have upgraded their systems and are no longer vulnerable. Some sites weren’t ever vulnerable because they either did not use OpenSSL or did not activate the heartbeat extension of OpenSSL.
One possible place to check if the site you are using is vulnerable or not, is to go to this Heartbleed testing site and check it. There are also browser extensions for Firefox and Chrome which will check this automatically for you.
So, if you haven’t already changed your passwords….
“Now would be a very good time, captain!”
(Well… assuming the site is no longer vulnerable, of course).