The big news in cyberspace lately has been the Heartbleed bug, which has affected major websites around the world. Let’s get the most important thing out of the way: the COATS site has not been affected by the Heartbleed bug, nor is it vulnerable to the bug.
Now, then. What exactly is the Heartbleed bug? Well, you’ll notice that we keep using the word “bug” rather than virus. That’s because it isn’t a virus! (Of course, you can still enjoy this excellent Weird Al song about viruses; it’s just not topical.)
Heartbleed is the name given to a vulnerability in the code that allows a website to communicate with an encrypted web server. (When you see a web address that starts with https:// rather than http://, that means it’s encrypted.) That vulnerability means that malicious users can request information from encrypted servers, which could include passwords and login credentials.
It’s easy to get caught up in panic when something like this affects so many websites, but we’ve got some good, reassuring news:
- Your bank isn’t affected. Banks use different server encryption code, that doesn’t have the Heartbleed vulnerability.
- Hackers can’t use Heartbleed to access your mobile devices. A relative might have sent you an email saying that hackers could control your cell phone through Heartbleed; refer them to the Weird Al video.
- Also, did we mention: the COATS site is not vulnerable to the bug!
There are steps you can take to protect your online data should another Heartbleed happen:
- Start using two-step verification for your email and social accounts. You can learn how to do that in this CNET article.
- Protect and manage your passwords. This article reviews five tools for password management.
- Diversify your passwords. It’s so tempting to use one password for all sites, but if a hacker finds your password for one of those sites, that means they’ve got access to all of them.
Hopefully, this has helped answer some questions and concerns about Heartbleed. Hang in there; we’ll be okay!