Just as information, recently found security holes in OpenSSL protocol. This security hole is called "heart bleed or heartbleed". Most of the web service provider that uses OpenSSL for encryption must distribute patches to prevent vulnerabilities that arise.
By exploiting security holes in OpenSSL, the hacker can steal the user's information even though the service providers are already doing encryption sites (marked with a "padlock" and the prefix "https:" in the URL address).
The problem becomes quite worrying because 66 percent of the internet service provider web using the OpenSSL tool. Big names it is like Facebook, Gmail, and Yahoo etc..
We as users, nothing can be done to fix this bug except wait for web service providers to immediately patch the holes quickly newly discovered security. After that, the user can immediately change the password as a precaution if the old password we may have been leaked.
Well, here is a list of some of the services of popular websites that are known to use or not use the OpenSSL tool, as summarized by Mashable which was released on April 8, yesterday.
Do not worry, because since the list was published, some service providers have been distributing a patch to patch this Heartbleed bug. Here the list:
|Site Name||Affected heartbeat?||Already patch?||Must change password?|
In addition to seeing the list, to check if the site or service is vulnerable to the Heartbleed bug or not, you can use the tool of Pass last.