Repairing the Heartbleed virus could cripple the Internet as the 500,000 affected websites simultaneously scramble to change security encryptions, according to
The Washington Post.
A security vulnerability put users' passwords and other personal information at risk at many popular websites, such as Facebook, Dropbox, and Netflix, though the Post reports that bank and government websites were not affected.
Since the bug's discovery last week by researchers from Google and the Finnish company Codenomicon, the magnitude of the problem, and the fix, has snowballed, according to
Bloomberg, which characterized it as "one of the biggest security flaws to hit the Internet."
Urgent: Assess Your Heart Attack Risk in Minutes. Click Here.
The Heartbleed bug makes it possible to steal security certificates that verify a website's authenticity.
Because the bug impacts so much of the web, fixing it "could overwhelm the systems designed to keep the Internet trustworthy," according to the Post.
There have not been any instances of anyone exploiting the vulnerability, which left a gap in OpenSSL, encryption technology used to protect sensitive data. News of the bug — which estimates have suggested affected two-thirds of the Internet — led thousands to change their passwords on Google, Yahoo, Facebook, and other major services, according to the Post.
Now, the newspaper reports, hackers have the ability to fool users into sharing their information by duping them with phony websites that look just like legitimate ones. As a result, all affected sites must revoke their security certificates and seek new ones, causing a major slowing of the Internet.
The files would be "roughly the equivalent of having to download 30 minutes' worth of standard-definition video just to view a single web page."
CNET is keeping a running log of the status of the top 100 sites and whether they have been patched.
Urgent: Assess Your Heart Attack Risk in Minutes. Click Here.