A quick post for anyone interested and listeners of the ABC Drive radio program in Perth, Australia, to whom I spoke today on the topic of the Heartbleed OpenSSL vulnerability that has put people’s passwords at risk – even if they saw the little “lock” in the address bar of their browser.
Full technical details of HeartBleed can be seen here at Heartbleed.org – created by one of the two separate teams that independently found the bug.
CNET in the US has a great article on how to protect yourself from this bug.
While top sites such as Google search, Gmail, Yahoo search, Yahoo Mail, Tumblr, Facebook and others have rushed to patch and eliminate the vulnerability, not every online service using the OpenSSL protocol will be secure as yet.
To check whether your favourite online and password protected service is safe, or not, you can type in that service’s web address at this site Filippo.io/Heartbleed/
The password management software that I use to help me manage the many, many passwords I have is called 1Password from Agilebits. It’s not free, nor is it cheap, but it’s the software I use on my PCs, Macs and smartphones.
Stay safe out there!