Every Internet user has now been warned: change all your passwords. Two thirds of all websites could be vulnerable to a security flaw called Heartbleed. Then again, they might not. Few examples of hackers exploiting Heartbleed have been reported so far. But its discovery has revealed how much online security depends on free software maintained by a few volunteers. There are predictions of global disaster. Can governments create rules of order, or should openness be the rule? Meantime, what’s an Internet-user to do?
Since Heartbleed was made public early last week, tens of millions of Android devices are now said to be vulnerable. In Canada, 900 social insurance numbers have been reported stolen. On the British website for parents, called Mumsnet, cyberthieves may have obtained passwords and personal messages before the site was repaired.
Rob Pegoraro, Yahoo! Tech (@robpegoraro)
Jason Healey, Atlantic Council (@Jason_Healey)
Daniel Castro, Information Technology and Innovation Foundation (@castrotech)
Milton Mueller, Syracuse University (@miltonmueller)