Internet and security is the hottest topic in today's world. SSL/TLS has been under a lot of scrutiny as of late because of all the flaws that have been found or created. It is no longer an if there is a security flaw, it is just a countdown till the next one.
Welcome Heartbleed, the new big security flaw.
So what is heartbleed? It is actually not unlike the security flaw that was found by Apple in Safari. It is another SSL/TLS encryption flaw. As I wrote in my last article, SSL/TLS is the "digital handshake" that allows your computer to talk to a server. It basically encrypts your data while it travels to the destination so no one can see things like your bank accounts, passwords, and tweets. Unfortunately, Heartbleed found a vulnerablility and exploited it. This vulnerability is NOT WITH YOUR COMPUTER, it actually affects company's servers that you access. For the tech savvy, it hit apache servers the hardest.
Does this affect me?
The short answer is yes, the longer answer is that security experts are still arguing how bad it is. Here is a list of popular affected websites:
If you want to check if your website or other websites you visit are affected a tech security consultant from Italy made a checker!
What do I need to do!
Change your passwords! If you didn't before with the last SSL/TLS security flaw, then you definitely need to now!