The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.
Follow these tips to protect yourself from the Heartbleed Bug:
- Pay close attention to any “Heartbleed” email you receive, especially from financial institutions or retailers, asking to reset your password.
- Monitor your accounts, such as emails, bank accounts and more.
- Change your password for these websites: Facebook, Twitter, Instagram, Gmail, Dropbox.
- Check with your service providers what are they doing to protect your information.
Even though the challenge of predicting where big vulnerabilities may emerge, because of the fact that Internet programmers increasingly build their code using a range of different tools, there is still hope to find the solution to this bug. The Linux Foundation, a non-profit technology group, launched an effort called the Core Infrastructure Initiative to support small open-source projects. Different companies such as, Google, Amazon, Facebook, IBM, Intel, Cisco, and Dell have already collaborated with the cause to identify the open-source projects that most need financial support.