Updated: 04/09/2014 11:47 PM
Created: 04/09/2014 11:07 PM WDIO.com
A huge gap in the security software used by some of the biggest Internet companies has been found. It has been dubbed the 'Heartbleed' bug, and because of it, the private information of millions was sitting exposed.
You may recognize the little padlock in the top left corner of some websites you visit. It is supposed to designate the site as secure, but for the last two years that has not been case.
"The people that wrote this software for this part of that network communication forgot to check a part of that message," Pete Willemsen explained, an associate professor in UMD's computer science department.
Think of it like this: when your computer connects to a server it sends out a ping known as a heartbeat to check for a secure connection. But with this hole in the code, a hacker could send out a secret heartbeat and retrieve any information that is still in memory — that is where the name "Heartbleed" comes from.
"So, that could include your user names and your passwords," said Mark Lanterman, CEO of computer analysis company Computer Forensic Services. "In our testing it returned my VPN credentials. This is very, very serious."
Experts are advising people to consider changing all their online passwords.
But changing passwords will not do any good until the services install the recently-released software to fix the problem.
"This vulnerability, or bug, is really unfortunate in the sense that it sits with software on the servers... on the machines that you typically would connect to," said Prof. Willemsen. "They are responsible for updating that software."
Lanterman adds that "Amazon, your banks, any server, 66 percent of the web servers on the Internet are vulnerable to this attack."
Cyber security firm LastPass has created a search engine to determine if a website you use may have been affected. Find it by clicking here.
St. Louis County Cracks Down on Smoking in Child Care Homes
Although most child care providers don't allow smoking in their homes already, St. Louis County created a rule to make sure it stays that way. On January 1st, all licensed family child care homes in St. Louis County will be completely smoke free 24 hours a day, seven days a week, regardless of whether children are present or not.
Remembering Sally: Co-workers Honor West Duluth Stabbing Victim
Coworkers of 75-year old Sally Marie Pionk shared their memories of their "dedicated" and "hardworking" friend Wednesday.
Truck Goes Through Intersection, Crashes into Front Entrance of Red Mug Coffeehouse
Just before 8 p.m., the truck went through the intersection of Broadway Street and Hammond Avenue and struck the entrance of the Red Mug Coffeehouse and Bake Shop. No patrons were using the door at the time of the accident and no pedestrians were injured, according to Sgt. Adam Poskozim.
Trucking Company Rolls Through Country Honoring Vets
A Northland trucking company is honoring America's vets in a very mobile way. Halvor Lines has dedicated one of its rigs to be decorated as a rolling tribute to veterans. The truck just returned from its maiden voyage to Arlington National Cemetery.
Nolan Praises Cuba Policy, Plans Trip
A Minnesota congressman who has long advocated for changes to the United States' Cuba policy says a decision to normalize relations with the island country is a "monumental step" in the right direction.