The Heartbleed bug
Posted in
Apple today released a statement confirming that OS X, iOS and "key web services" were unaffected by the widely publicized security flaw known as Heartbleed.
The Heartbleed bug is a nasty one. It affects web servers - the computers that power websites. It does not affect your computer or iOS device, but it makes you vulnerable because hackers can potentially steal your details from the sites you visit. It’s a flaw in OpenSSL, an encryption technology used by the vast majority of websites on the Internet, although not Apple’s website or its online services like iCloud.
The flaw allows hackers to pull data from a server’s working memory, including the server’s encryption keys. That would allow hackers to decrypt all traffic to and from the server, exposing sensitive data like logins, passwords and everything else.
Users are recommended to change their passwords on all services that may have been affected. Mashable provides a list of services where you should change your password.