Tip of the Hat: What the Heartbleed bug means for you

Here's a simple description of a complex problem that could affect hundreds of thousands of online businesses and their users

The just-discovered Heartbleed security bug that lets hackers decipher encrypted data has been exposing the personal information -- user names, passwords, payment card data a likely more -- used for online transactions for about two years, security researchers say.

The severe flaw in OpenSSL, encryption technology used by an estimated 500,000 websites, could could let hackers access, and translate, encrypted code without the knowledge of those running the website -- or the users supplying the data. The data is exposed as it flows between user computers and business servers.

Security experts have started distributing a fix for the problem, and say it should be used immediately, according to computer security experts.

The problem clearly affects millions of online shoppers, online bankers and even e-mail users, who need to know what happened and what they can do to alleviate the potential pain.

Computerworld offers a Tip of the Hat to Shane Dingman of the Toronto Globe and Mail for an easy-to-understand look at what happened, at some key websites affected and whether users can do anything at this point. In the story, Explainer: What the Heartbleed security bug means for you, Dingman also offers a solid explanation on how the bug works.

Read more about security in Computerworld's Security Topic Center.

Tags e-commercesecuritycomputerworldinternete-businessMalware and Vulnerabilities

More about Topic

Comments

Comments are now closed

ACCC rebuffs Telstra's rivals on wholesale pricing

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
CIO
ARN
Techworld
CMO