If you use the internet, it's probably a good idea to reset your passwords. Don't say you haven't been warned.
9 April 2014 • 4 min readsecurity ssl
Yesterday, a security vulnerability in Open SSL was made public.
There is more information here: http://heartbleed.com
That is quite a technical resource, so feel free to browse the more friendly versions here:
Approximately 2/3rds of the internet is affected (here’s a list of big providers: https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt) and there is a huge amount of interest in the story, with the BBC carrying it on their homepage today (linked above). You will likely see this pop up across many sites you log into very soon.
In essence, it is possible for an attacker to eavesdrop on passwords being sent by users to login to their accounts due to a bug in the encryption software.
If you use the internet, it’s worth resetting your passwords immediately. The implications of this vulnerability are huge - sites you though you were signing in to securely may not have been.
bodged with ♥ in NCL, AMS, NAP, NYC, BOS and LDN