I'm no tech whiz, but the news about a newly-discovered online vulnerability seems pretty important. It's called "Heartbleed."

From Mashable:

In fact, Heartbleed has the potential to be one of the biggest, most widespread vulnerabilities in the history of the modern web. Frustratingly, however, because the problem is technical — very technical — it's difficult for regular users to understand why this vulnerability is a big deal, what services have been vulnerable in the past and what services remain vulnerable now.

Even worse, the technical nature of Heartbleed means that as an end user, you are limited in how to protect yourself. The onus is on the person who manages the web service — or who manages the back-end service the web service uses — not the end user.

Writing about Heartbleed, security expert Bruce Schneier says "'catastrophic' is the right word. On the scale of 1 to 10, this is an 11." That's about right.


The best part? The vulnerability has been around since 2011.

You're advised change your passwords.

Here's a list of sites and the effects. And, yes, the most popular websites are affected.