dcsimg
ADVERTISEMENT

Heartbleed Bug: Information, Advice and Resources

The Heartbleed Internet security flaw has made a mess that might not be cleaned up for awhile
graphic of bleeding heart over a computer keyboard and key
graphic of bleeding heart over a computer keyboard and key



Flickr/Filippo

The Heartbleed Internet security flaw discovered this week continues to affect thousands of websites, and even some Android phones, home wireless routers and embedded devices.

It's likely that this mess won't be cleaned up for quite a while. In the meantime, here are the basics and some useful links.

MORE: Best PC Antivirus Software 2014

Heartbleed basic facts

What's affected:

Some (but not all) secure Web, email, instant-messaging and mobile-app communications

Some (but not all) home wireless routers, printers and firewalls

Some (but not all) Internet networking equipment

Some (but not all) Internet-connected devices running embedded software

Smartphones and tablets running Android 4.1.1 Jelly Bean (scroll down for how to check your device status)

Certain Linux desktop distributions, including Ubuntu Linux

What's not affected:

Web, email and mobile-app communications that were never meant to be secure

Windows PCs, Macs, most Linux desktop and laptop machines

iOS devices and most Android devices

What you can do:

Change account passwords for affected websites and services

Install firmware updates for wireless routers, printers and firewalls when they become available

Install updates for devices running Android 4.1.1 Jelly Bean when they become available

Install updates for Linux desktop distributions when they become available

 

Heartbleed useful resources

Heartbleed: Which Passwords You Need to Change

Yahoo Mail and Heartbleed: How to Secure Your Account

Heartbleed: Who Was Affected, What to Do Now

Beware Heartbleed Password-Reset Phishing Scams

'Heartbleed' Bug Kills Security on Millions of Websites

Other resources

Lookout Mobile Security app to detect vulnerable Android devices

Top 10,000 websites broken down by Heartbleed vulnerability status (compiled before many patched their servers)

Web page to manually check a website's vulnerability status

Webpage that checks a site's vulnerability status and assesses whether security credentials have been renewed

Firefox add-on to detect vulnerable websites

Chrome extension to detect vulnerable sites

Detailed technical explanation of the Heartbleed flaw

Good, non-technical explanation of how a Heartbleed exploit works

Follow Paul Wagenseil at @snd_wagenseil. Follow Tom's Guide at @tomsguide, on Facebook and on Google+.

Copyright 2014 Toms Guides , a TechMediaNet
Share this Article:

Comments

You must sign in or register as a ScientificAmerican.com member to submit a comment.
ADVERTISEMENT