abc
QUICK LINKS:

New Online Security Risk 'Heartbleed' Leaves Millions Vulnerable, Experts Recommend Password Changes

Updated: 04/09/2014 11:47 PM
Created: 04/09/2014 11:07 PM WDIO.com

A huge gap in the security software used by some of the biggest Internet companies has been found. It has been dubbed the 'Heartbleed' bug, and because of it, the private information of millions was sitting exposed. 

You may recognize the little padlock in the top left corner of some websites you visit. It is supposed to designate the site as secure, but for the last two years that has not been case.  

"The people that wrote this software for this part of that network communication forgot to check a part of that message," Pete Willemsen explained, an associate professor in UMD's computer science department. 

Think of it like this: when your computer connects to a server it sends out a ping known as a heartbeat to check for a secure connection. But with this hole in the code, a hacker could send out a secret heartbeat and retrieve any information that is still in memory — that is where the name "Heartbleed" comes from.

"So, that could include your user names and your passwords," said Mark Lanterman, CEO of computer analysis company Computer Forensic Services. "In our testing it returned my VPN credentials. This is very, very serious."

Experts are advising people to consider changing all their online passwords.

But changing passwords will not do any good until the services install the recently-released software to fix the problem. 

"This vulnerability, or bug, is really unfortunate in the sense that it sits with software on the servers... on the machines that you typically would connect to," said Prof. Willemsen. "They are responsible for updating that software."

Lanterman adds that "Amazon, your banks, any server, 66 percent of the web servers on the Internet are vulnerable to this attack."

Cyber security firm LastPass has created a search engine to determine if a website you use may have been affected. Find it by clicking here.

Front Page

  • Allegiant Departing Duluth Int'l for Good in May

    Less than a week after Allegiant Airlines said they were going to suspend service to Las Vegas from Duluth International Airport in August, officials from the company are now saying they will pull out of Duluth altogether by May 18th. According to the Bureau of Transportation Statistics, Allegiant Airlines is currently the third largest carrier in Duluth.

  • Superior Kids Compete in 42nd Annual Track-O-Rama

    Hundreds of fifth-graders competed in track events for the 42nd Annual Track-o-Rama at UWS on Thursday. One of the UWS faculty members says the goal is to give them a chance to think about what the future might hold as far as college and sports.

  • Johnston Sues Duluth School District, Fellow Board Members

    Duluth School Board member Art Johnston has filed a federal lawsuit against the school district and five of his fellow board members, alleging that his civil and constitutional rights were violated when the board voted to remove him from office.

  • Duluth Children's Museum: Seeking Input From Families

    The Duluth Children's Museum is looking for input as they plan ahead for the future.

  • Grand Marais Wins Travel Contest

    Grand Marais has been named the "Coolest Small Town in America" in an online contest held by Budget Travel magazine. The magazine says Grand Marais won 30 percent of the votes in the competition with 14 other towns. 

 
Advertisement