Join TechSoup

TechSoup.org The place for nonprofits, charities, and libraries
    Log in
    Join
TechSoup Home
  • Toggle search
    • Product Catalog
    • Services
      • Boost
      • Cloud Help
      • Managed IT Service
      • Consultant Connection
    • Community
      • Community Home
      • Events
      • Forums
    • Resources
      • Articles and How-Tos
      • Blog
      • Storymakers
      • Webinars
    • Help
  • Boost Offers

Heartbleed: What It Is and What You Need to Do About It

  • Featured Topics
  • Forums
  • Blog Archive
  • Recent Activity
  • Featured Topics
  • Forums
  • Blog Archive
  • Recent Activity
Home » Community » Blog Archive » Heartbleed: What It Is and What You Need to Do About It

Heartbleed: What It Is and What You Need to Do About It

tsg_kevin Kevin Lo
11 Apr 2014 2:03 PM
  • Comments 0

By now you've probably heard of a massive IT issue that could potentially affect millions of Internet users. No, we are not talking about the XPocalypse, but  "Heartbleed," a bug discovered early this week that may have compromised the security of dozens of popular websites. Unlike many other bugs found daily by security experts, this quickly gained traction in mainstream media like The New York Times, NPR, even CNN. This is partly due to a clever (and responsible) campaign by those who found it, but also due to its widespread nature. It could affect the majority of websites that begin with "https."

What Was Impacted

"Https" sites use SSL (secure socket layer, also referred to as TLS, or transport layer security) to encrypt sensitive information like usernames and passwords when you visit and use their services. An attacker could have used this bug to steal this sensitive information. However, not all "https" sites are affected. The bug affects only systems that utilize the "OpenSSL" implementation, which is only one way, albeit a very common one, to ensure secure transport of data. 

How You’re Affected and What TechSoup Is Doing

The jury is still out, with up-to-the minute changes, as to the severity and exploitability of this bug. Mashable has posted a comprehensive list of sites affected, with official recommendations as to whether you should change your passwords. It's possible you'll need to change your password again in the near future, and websites continue investigating the extent to which they are affected.

We have been auditing our systems once this bug was found, and have determined so far that our internal systems and TechSoup websites are not affected. This means you do not need to change your TechSoup passwords.

We will continue to update you of our findings on this blog, and make recommendations if further action is needed.

 

Kevin Lo | Senior Program Manager, NetSquared.org | a part of TechSoup Global

  • $core_v2_language.FormatString($core_v2_language.GetResource('Blog_PostQuestionAnswerView_CommentsCountFormatString'), $post.CommentCount)
  • Log In to Comment

This work is published under a Creative Commons Attribution-NonCommercial-NoDerivs 4.0 International License.

New here?

  • If you'd like to participate, join us.
  • If you're already a member, log in.
  • Search for a specific post?
  • Subscribe to RSS

    • Close this window

    Search Blogs and Forums for a Post
    • *Please enter a search term.
    • Search
  • New Post

More TechSoup

  • About Us
  • Our Mission
  • TechSoup Global Network
  • Testimonials
  • Meet Our Donor Partners
  • Meet Our Funders
  • Anti-Discrimination Policy

Get in Touch

  • Donate
  • Become a Donor Partner
  • Volunteer
  • Careers
  • Contact Us
  • Returns and Refunds
  • Media and Press

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • Instagram
  • YouTube
  • Pinterest
  • Google+
  • Medium
  • RSS

Subscribe to Our Newsletters

Get technology news and updates on exciting new offers from TechSoup.

Subscribe

Copyright © 2018, TechSoup Global. All Rights Reserved.

  • Privacy Policy
  • Terms of Use
TechSoup Default Logo