A brand new security flaw has affected 66 percent of the internet. The bug is called Heartbleed and it affects the Internet security protocol named SSL, specifically OpenSSL, according to The Huffington Post.
To understand how bad this bug is, you must first understand how both SSL and OpenSSL work.
When you login into a website, the information is sent to that website’s servers. The credentials are encrypted using SSL or OpenSSL, which is used by some two-thirds of websites.
Right now, Heartbleed is affecting OpenSSL. It is being exploited by hackers to gather raw text from instant messages, emails, business documents and passwords.
The security issue with Heartbleed has been around for two years prior to being discovered.
The CEO of Cloudfare, Matthew Prince, said: “When you finish using a website, make sure to actively log out. Heartbleed is so serious — it’s such a big, bad event — that almost every major service is scrambling to clean it up as quickly as possible.”
Prince said that most of the vulnerable websites should be cleaned up by the end of this week. He did say that other sites such as OKCupid, Yahoo.com and Flickr are still vulnerable to Heartbleed.
Users of the internet should not log into any sites that have been deemed vulnerable until a reliable source from the website says that the issue is fixed. Passwords for vulnerable sites should also be changed immediately.
Looking for information technology jobs? Click here.