The Heartbleed Security Issue is here. I tried out the Leap Motion controller last year; it’s a “hands free” device (small box) the connects to Mac and PC computers with accompanying software where hand gestures look to replace the traditional computer mouse during interactions.
This service recently sent me the following notice regarding the Heartbleed Security Issue:
At Leap Motion, we take your account security very seriously. On Tuesday, we were informed of a major vulnerability, dubbed Heartbleed, within one of the Internet’s main security protocols. A great number of services across the internet – including Airspace – may have been affected by this issue.
Since learning of the vulnerability, we’ve been taking the proper measures to ensure the security of Airspace, and the bug has been patched. Our customers’ payment information, including credit card numbers, were not affected by the bug. We also have no indication that any data was compromised.
Nonetheless, we encourage you to change your Leap Motion account password. If you have any questions, please reach out to our customer support team.
Codenomicon and Google Security found the issue throughout widely used website technology that use OpenSSL protection/encryption (e.g. https://…). In a nutshell, the Heartbleed security issue means that the closed padlock you usually see in your browser’s address bar — the one that tells you that your connection is secure — has been compromised. Heartbleed made it possible for its users to access your supposedly encrypted information.
Leap Motion certainly isn’t the only service that uses https, and they aren’t the only company that is worried about whether their files were compromised. Without knowing the full facts, it’s hard to know whether to let companies fix this issue or spend the time changing several personal Web accounts. Users can try a Heartbleed test, can look for company notifications, and can change their Web account information, which is definitely a way to proactively boost security.
What do you think of this Heartbleed security issue? Time to panic, or should we wait and see?