Everyone has probably heard about Heartbleed so far. At the rate every news publication has been writing about one of the biggest threats to everyone’s online privacy and safety, all Internet users should know by now about all the risks and they’ve all hopefully taken steps to be safe.
According to a research, things aren’t really all that wonderful, however. In fact, a survey of about 1,500 people taken by Pew Research indicates that only 60 percent of the public have heard at least a little bit about Heartbleed. The research shows that 77 percent of those with a college education have heard about the OpenSSL bug.
As far as reacting to the news of the bug goes, 39 percent of Internet users are taking steps to protect themselves due to Heartbleed by changing their passwords or canceling their accounts.
The study also shows that 46 percent of users believe that their information is somewhat secure, 23 percent believe it’s “very secure,” 26 percent say it’s not “too secure” or “not at all secure.” Six percent of people believe that their personal information has already been stolen.
As a reminder, Heartbleed is an OpenSSL bug that allows hackers to steal unencrypted information going through a server at any given time. A fix has been released, but the bug has been around for two years.
The fact that exploits of Heartbleed leave no traces on the affected servers makes it impossible to know whether hackers had been using this bug for years and if so, how many servers were affected and what data was stolen.
While many were quick to jump to conclusions saying that surely someone must have planted the security bug in the code, the author of the changes made two years ago said that everything was a simple programming error in a very delicate area.
The NSA has been accused of knowing about the bug prior to the unveiling several weeks ago, but the agency has denied such allegations, saying that it normally shares information it has about such situations.
Recently, the White House actually shared details about how the NSA decides whether or not a bug is made public or not and the guidelines seem rather subjective.
About half a million websites were affected by the bug, including Google, Yahoo, Facebook and more. As mentioned, they’ve all patched up their servers and issued new security certificates to back up their claims.