Sports Editor
Somewhere
in Europe, four programmers help maintain one of the Internet’s most critical
security features. Only one of them considers it to be a full time job, while the
other three work different jobs during the day and work on the software in
their spare time. Combined, they earn less than $1 million a year for their
work in keeping the entire Internet running. They are the creators and
caretakers of OpenSSL, which is used for security on popular web servers such
as Yahoo and Tumblr. The software helps to provide encrypted information to
visitors so that passwords and usernames cannot be seen by others while it
transfers from your computer to the website. It is used by nearly two-thirds of
currently active websites.
But
there is a huge problem with OpenSSL. For nearly two years, an unknown critical
security flaw known as Heartbleed existed, which could have allowed hackers to
obtain user data and monitor past and future website traffic, even if it is
encrypted. Due to underfunding, the programmers at OpenSSL did not have the
manpower to uncover the bug, so it took two years until it was finally
discovered by researchers at Google. If exploited, your e-mails, passwords, and
even instant messages could have been obtained by people with malicious
intentions. Luckily, nearly all online shopping and banking sites do not use
OpenSSL, meaning they were not vulnerable to Heartbleed. However, it is unclear
whether or not hackers actually knew about Heartbleed. Nobody has been able to
confirm that they knew about the flaw, but that does not change the fact that
users should be taking measures to ensure that their information is not stolen.
The
problem has been patched over the last week and a new version of OpenSSL has
been released, annihilating Heartbleed. But hackers may still have your
passwords so it is best to change your passwords for the services that have
been identified as vulnerable, such as Google and Imgur. The initial panic
caused by the flaw has subsided, and the Internet is free to return to normal
functioning.
