michael kors bags cheap |
By now, you may have heard about. In short, it’s a bug in a commonly used security system that potentially two-thirds of Internet sites use to keep your sensitive information (like your password) safe. A group of researchers discovered it Monday evening, and major websites have been scrambling to patch the error.
What can you personally do about it? In a nutshell: Wait, and.
Any vulnerable site that you’ve given your sensitive information to may still be working to fix the problem. Meaning you should wait to change your password after the site has officially announced a patch. Otherwise, anyone who has exploited the flaw could pocket your new login info, too.
How can you tell when it’s safe to change your password on any given site? We’ve put together a list of which of the top-trafficked sites in the United States were vulnerable to the bug (per a check done by the open-source code site on April 8), with our own updates.
A quick key: “Not vulnerable” means the site was never exposed to the flaw in the first place. “No SSL” means the site in question doesn’t use the encryption tool that was found to be faulty. “Was vulnerable” means you should go to your site and change your password now.
1. Google.com: Not vulnerable.
2. Facebook.com: Not vulnerable.
3. YouTube.com: Not vulnerable.
4. Amazon.com: Not vulnerable.
5. Yahoo.com: Was vulnerable. Yahoo Mail was vulnerable to attack but has since announced that it has been patched, along with other main Yahoo sites such as Yahoo Search, Finance, Sports, Flickr and Tumblr.
6. Wikipedia.org: Not vulnerable.
7. LinkedIn.com: No SSL.
8. eBay.com: No SSL.
9. Twitter.com: Not vulnerable.
10. Craigslist.org: Not vulnerable.
11. Bing.com: No SSL.
12. Pinterest.com: Not vulnerable.
13. Blogspot.com: Not vulnerable.
14. Go.com: Not vulnerable.
15. CNN.com: No SSL.
16. Live.com: No SSL.
17. PayPal.com: Not vulnerable.
18. Instagram.com: Not vulnerable.
19. Tumblr.com: Was vulnerable. Tumblr was vulnerable to attack, but Yahoo has since announced that it has been patched.
20. ESPN.go.com: Not vulnerable.
21. WordPress.com: Not vulnerable.
22. Imgur.com: Not vulnerable.
23. HuffingtonPost.com: No SSL.
24. reddit.com: Not vulnerable.
25. MSN.com: No SSL.
GitHub’s survey found that other well-known sites like OkCupid, Flickr, Imgur, WeTransfer, and Slate were all vulnerable at one point. Flickr, OkCupid, and Imgur have been patched, so you’re clear to update your passwords for those site. We’re waiting to hear from the rest.
If you’d like to see if a specific site is vulnerable to Heartbleed, you can enter the URL .
If you want to be extra safe, you can also install the . This extension will warn you when you stumble upon a site that’s vulnerable to the Heartbleed bug, so that you know not to enter any sensitive information.
Finally: Just because a site was never vulnerable doesn’t mean your password is safe. If you use the same password for multiple websites, it’s probably best to change all of them, even if the site in question wasn’t vulnerable. Attackers could use login information they’ve gathered from other sites to break into other accounts.
Oh, and while you’re changing your passwords,. Because if your password is “123456,” it’s not keeping hackers out anyway.
More from Breakout:Social & Online Media
michael kors eyeglasses outlet
michael kors outlet allen
michael kors bags cheap
michael kors eyeglasses
michael kors handbags outlet on sale
michael kors sandals