This week it has emerged that a major security flaw at the heart of the internet may have been exposing users’ personal information and passwords to hackers for the past two years.
It is not known how widely the bug has been exploited, if at all, but what is clear is that it is one of the biggest security issues to have faced the internet to date.
Security expert Bruce Schneier described it as “catastrophic”. He said: “On the scale of one to 10, this is an 11.”
The bug exists in a piece of open source software called OpenSSL which is designed to encrypt communications between a user’s computer and a web server, a sort of secret handshake at the beginning of a secure conversation.
It was dubbed Heartbleed because it affects an extension to SSL (Secure Sockets Layer) which engineers dubbed Heartbeat.
It is one of the most widely used encryption tools on the internet, believed to be deployed by roughly two-thirds of all websites. If you see a little padlock symbol in your browser then it is likely that you are using SSL. Half a million sites are thought to have been affected.
Sevenoaks Computers recommends that you change ALL of your passwords to secure websites and e-mail addressed immediately. If you require assistance with this, don’t hesitate to get in touch.