Heartbleed Bug

You trust web sites to protect your communications when you see the little lock icon in your web browser. This is why it's okay typing passwords or your credit card numbers into web sites.

A popular piece of code called OpenSSL that is used by many Internet companies to provide this kind of security has been discovered to have an error in it. The "bug" has been in the code since March 14, 2012 and can leak information in some cases. The "bug" has been fixed as of April 7, 2014 and companies are working to implement the fix.

The main cause for concern with the Heartbleed bug is there is a possibility of people discovering the password for one of the effected systems. This is not a problem, if you are sensible and use different strong passwords on every web site (see our previous post for information of strong passwords). Below is a link to a list of some of the effected sites, if you use one of the vulnerable sites, please change your password, if they have patched the problem. 

CNET: Check if sites have been patched

You can check other website using this tool provided by LastPass

LastPast: Heartbleed checker

The main school website is not affected and the learning environment runs a different version of SSL. We store no personal data on either system. 

For more information on the Heartbleed bug click here.