What the Tech?! OpenSSL

The most popular open-source library used to implement secure encryptions for websites, e-mail servers and applications. SSL stands for ‘Secure Sockets Layer’, and OpenSSL simply means that anyone with the means can contribute to

You’ve likely heard a lot about OpenSSL lately because of Heartbleed, the security issue that was reported last week. And you’ve probably been told to change your password on every site you care about (if you haven’t, you should). An error was added into the OpenSSL code that allowed anyone who knew how to read chunks of memory and retrieve extensive security information (like passwords and cookies) that are usually protected by encryption. The vulnerability affected about 500,000 secure sites running OpenSSL, which is about 66% of the Internet.

The bug (called Heartbleed because it occurred in the heartbeat extension within the code base) was present for two years before being discovered and patched last week. If you’re running Android on your mobile phone, you can use the Heartbleed Detector app to tell if your information has been compromised. Apple doesn’t use OpenSSL on any of it’s operating systems.

Now that you’ve got a grip on the news story, go change your passwords.