The NSA issues its own suggestions for avoiding lost Heartbleed data

Sponsored Links

The NSA issues its own suggestions for avoiding lost Heartbleed data

The United States National Security Agency may or may not have known about the security vulnerability known as "Heartbleed," but now that it's a widely publicized issue, the agency has some safety suggestions. Sure, you've probably heard all this before, but bear with us.

First and foremost, websites/web services using the affected software (OpenSSL versions 1.0.1 through 1.0.1f) are told to update, or turn off the function which enables the security flaw. Second, a variety of OSes and client/server software use the affected service, so the NSA suggests you get in touch with your software's creator directly (Google's already taken care of it in one version of Android, for instance). Finally, after you're back up on a safe version of the website/service/OS you use, it's time to dump your current password in place of a fancy new one. Like we said, nothing you haven't heard before, but here's the NSA confirming as much. Head below for the full document in all its acronym-laden glory.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Popular on Engadget