6 Security Tips for the Heartbleed Bug and Beyond
As the Heartbleed bug continues to make news as the full extent of the security loophole becomes known, some basic Internet security tips may help to keep computers safer. While these are no guarantee that the Heartbleed bug won’t affect you personally, these tips should keep your computer safer in general.
1. Be skeptical
The Heartbleed bug first became evident in many websites that we all considered secure when they had a security hole that could expose user data to hackers who could exploit it. As Mad-Eye Moody says in the Harry Potter book series, “Constant vigilance.” In other words, assume that you’ve come in contact with the Heartbleed bug.
2. Follow news of the Heartbleed bug
The Heartbleed bug is still a developing story. Following reports will let you know if any additional websites, software, or devices are affected.
3. Keep the security software on your computer up to date
Even if you have been not exposed to the Heartbleed bug or any other threat online, a secure firewall is the first line of defense for your PC or Mac against hackers. Use a reputable brand and check to make sure your subscription is up to date as well as any patches or updates to the software.
4. Check and recheck lists of affected websites
The chances you may have visited a website affected by the Heartbleed bug are pretty likely as several big websites like Yahoo, Facebook, and Google were all patched following news of the Heartbleed bug. Several technology websites are making lists of websites and if they are vulnerable to the bug. Mashable and CNET have extensive lists. (Warning: Not all lists are being updated.) Check more than one list to make sure the website is no longer affected.
Also if you are unable to find a website on any of the various lists, use a tool like this one built by Italian cryptology and security consultant Filippo Valsorda to check out a wesbite before logging in.
5. Passwords are like socks. Change both often
If you did visit a website that has been vulnerable — you won’t necessarily know if it’s been affected, due to the traceless nature of the bug — but is now patched or otherwise fixed, change your password. Generally a good password has uppercase letters, lowercase letters, numbers, and special characters. Also, do not repeat passwords. If you will not remember multiple passwords, consider a password manager instead.
6. Check your bank account, debit, and credit card balances often if you use them online
While Bank of America, Chase, Wells Fargo, PayPal, and Capital One did not use the OpenSSL encryption where the Heartbleed bug hid, it’s a good idea to keep an eye on any financial account you use online for security and personal finance reasons. Netflix, which requires an online payment, had to be patched, making it a good idea to keep a close eye on whatever card you use to enable Netflix binges.
If you rarely shop or pay for services online, viruses and identity theft are good reasons to check your accounts often anyway, even if the Heartbleed bug might not have been able to go after your bank.