–
This is a public service announcement about a huge computer security problem, the biggest one in the history of the internet.
The Heartbleed bug (aka CVE-2014-0160) has made many sites using https security vulnerable for the past 2 years, to random downloads of information, including user names and passwords. The range of sites that were affected is vast, including Yahoo, facebook & Instagram.
Here is a list provided by Mashable of the affected sites, along with their carefully-worded statements about their fix of the bug & whether to change your password or not:
Heartbleed Hit List
Before you change your password for a web site, you can use the tool below to make sure that site has fixed the Heartbleed problem:
Test your server for Heartbleed
In addition, if you have a device with Android 4.1, you should update it
+++
Links:
The programmer behind Heartbleed
The NSA reportedly has been exploiting Heartbleed for some time
A great xkcd cartoon explanation of the Heartbleed bug
+++