CHANGE YOUR PASSWORD NOW! All your financial internet passwords and email too.
Last week, it was discovered that a bug had crept into OpenSSL that could allow intruders to read encrypted data contained in memory, such as passwords or credit cards. The bug has been called “Heartbleed” and could allow attackers to eavesdrop on communications, steal data and even impersonate users and Web services. Computer security expert Bruce Schneiercalled it “catastrophic” and said that on a scale of one to 10, “this is an 11.” News about the bug has sent people racing once again to protect themselves and change their passwords to avoid further damage or loss.
We’re tempted to say this ought to be a wake-up call, but we have already had so many wake-up calls. To put it bluntly: As a country and as a society, we have come to depend on a vast, interconnected system; if one small part fails, the impact is widespread. As noted in a forthcomingAtlantic Council report, the Internet was created to be based on trust, not security. Finances, news and social media, medical systems, universities, science, transportation, energy flows, national defense and almost anything else you can think of depend on it. Yet we continue to discover that it is vulnerable to theft, intrusion and disruption on an appalling scale.