abc
QUICK LINKS:

New Online Security Risk 'Heartbleed' Leaves Millions Vulnerable, Experts Recommend Password Changes

Updated: 04/09/2014 11:47 PM
Created: 04/09/2014 11:07 PM WDIO.com

A huge gap in the security software used by some of the biggest Internet companies has been found. It has been dubbed the 'Heartbleed' bug, and because of it, the private information of millions was sitting exposed. 

You may recognize the little padlock in the top left corner of some websites you visit. It is supposed to designate the site as secure, but for the last two years that has not been case.  

"The people that wrote this software for this part of that network communication forgot to check a part of that message," Pete Willemsen explained, an associate professor in UMD's computer science department. 

Think of it like this: when your computer connects to a server it sends out a ping known as a heartbeat to check for a secure connection. But with this hole in the code, a hacker could send out a secret heartbeat and retrieve any information that is still in memory — that is where the name "Heartbleed" comes from.

"So, that could include your user names and your passwords," said Mark Lanterman, CEO of computer analysis company Computer Forensic Services. "In our testing it returned my VPN credentials. This is very, very serious."

Experts are advising people to consider changing all their online passwords.

But changing passwords will not do any good until the services install the recently-released software to fix the problem. 

"This vulnerability, or bug, is really unfortunate in the sense that it sits with software on the servers... on the machines that you typically would connect to," said Prof. Willemsen. "They are responsible for updating that software."

Lanterman adds that "Amazon, your banks, any server, 66 percent of the web servers on the Internet are vulnerable to this attack."

Cyber security firm LastPass has created a search engine to determine if a website you use may have been affected. Find it by clicking here.

Front Page

  • Three Attempted Murder Charges Filed Against Woman in Douglas Co. Shootout

    Twenty two-year old Jessica Gehl of Lake Nebagamon was charged with three counts of attempted first degree intentional murder Friday after she allegedly pulled a gun on her mother and then opened fire on authorities Wednesday. Gehl was also charged with first-degree recklessly endangering safety.

  • Reinert 'Strongly Considering' Running for Duluth Mayor

    When Duluth Mayor Don Ness announced earlier this month that he would not seek re-election, many people were surprised. On Friday, Sen. Roger Reinert said he is strongly considering entering the race.

  • Charge Against Woman in Arrest Video Dismissed

    A judge has dismissed a charge against a woman seen in a video of a controversial Superior arrest.  At a hearing Friday, Judge Kelly Thimm approved a motion to dismiss a misdemeanor disorderly conduct charge against Natasha Lancour.

  • Justin's 2014-2015 Winter Prediction

    Winter is right around the corner and the question on everybody's mind is will we have a winter like last year.  With record stretches of cold and record snowfall last year is one we one like to forget. Chief meteorologist Justin Liles lets us know what we can expect this year

  • Woman in Douglas Co. Shootout was found Unresponsive in House Fire Day Before

    A 22-year-old Lake Nebagamon woman was hospitalized on Wednesday evening after an armed standoff with the Douglas County Sheriff's Office. On Tuesday, authorities say that same woman was found by her neighbors unresponsive and not breathing after they saw flames coming from a downtown Lake Nebagamon home. 

 
Advertisement