apr 4, 2014 - OpenSSL: HeartBleed

Description:

https://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/

https://en.wikipedia.org/wiki/Heartbleed

The Heartbleed bug, a newly discovered security vulnerability that puts users' passwords at many popular Web sites at risk, has upended the Web since it was disclosed earlier this week. It's an extremely serious issue, and as such, there's a lot of confusion about the bug and its implications as you use the Internet.

CNET has compiled a list of Frequently Asked Questions to help users learn more about the bug and protect themselves. The Heartbleed situation is ongoing, and we'll update this FAQ as new issues arise. Check back for new information.

What is Heartbleed?

Heartbleed is a security vulnerability in OpenSSL software that lets a hacker access the memory of data servers. According to Netcraft, an Internet research firm, 500,000 Web sites could be affected. That means a user's sensitive personal data -- including usernames, passwords, and credit card information -- is potentially at risk of being intercepted.

The vulnerability also means an attacker could steal a server's digital keys that are used to encrypt communications and get access to a company's secret internal documents.