when you see the http in any website go from http to https. if you type in http and then twitter, it automatically goes from http to https. that s is what is so vitally important. that "s" means your information going back and forth between your computer and a server out there is doing so in an encrypted way. this new break through, this flaw basically allows anybody to step in and grab that encryption, user names, passwords, e-mails, credit card information, all the stuff you expect to be transfer securely. all that is up for grabs. typically it's locked behind a private encryption lee. bukey, but a hacker would be able to hack in and take all that information and there is no trace of it. >> well, what the heck are we to do now? at this point? >> yes, well, right. that's the great question on everyone's mind. the problem is if you go in and change your password now you're feeding it into a compromised system. google, facebook, other companies that i've talked to said if you have one password for multi it will sites, you should wait a couple o

. >> which sites are more secure backup i know there is a difference between https and http. >> httpsquickly becoming the de facto standard. but that does is enables encryption between the browser and the other browser. that data, as it moves, is encrypted. that has been adopted elsewhere. if you don't see that, the very reticent about what you actually do online. >> windows xp is going to stop being supported by microsoft. i wonder what are the best practices for a company to make sure they are not exposing users. >> what you have to think about is how your network is architected. and segment the risk of individuals. you have to assume that your employees are going to hit those sites. must be concerned about what is leaving the network. how you push this software is up-to-date. you want to make sure that your up-to-date with software. >> make sure to lock the device. somebody can take it. you can go ahead and put on geo-location. whether it is the apple app store or the android app store. those are both developed to look at each application to see if there is any bad code in those ap

"good morning america" http:/abcnews.go.com/blogs/h eadlines/2014/04/twitter- helmet-to-let-user-tweet- with-their-heads/ was able prototype of the fictional device. >> reporter:sony had a good one they unvieled the future of food. power food that would charge your gadgets and your body. sony's bar perfect >> reporter:and google's social network google plus announced a new photo bombing'. >> reporter:when users upload pictures to google plus, google will photo shop in celebrities like david hassle hoff into the pics love it. and lastly. we'll end on uber's arril fool's day hoax they are the ride-sharing service that let's users order a car ride through an app they announced they were teaming up with tom's shoes to release a service called shuber x. shuber x has "drivers" show up with vehicles powered by their own legs, flintstones- style. i love april fool's day. gsk4n >> pam: ahead at eight. >> pam: why there's a new controversy surrounding the last words heard from malayasian flight 3-70. later -- it's no joke. the sole winner of february's powerball jackpot claiming his prize this a

https is becoming the de facto standard.actually enables encryption between the browser and the other browser. this is important in that that data as it moves is encrypted. that is something you see on banking sites and that has been adopted elsewhere. make sure when you are on sites, https and if you don't see that, be reticent about what you do online. >> we are an amazing day when will being supportive but 18% of all world businesses done on windows xp. i wonder what are the best actresses for a company to make sure they are not exposing -- i wonder what are the best practices for a company to make sure they are not exposing themselves. how can they be reasonable about security? >> you have to think about how the network is architected and segment individuals. you have to assume your employees will hit those sites. what is concerned about leaving the network and make sure the browser you deploy and how you push software is always up-to-date. it's your responsibility as the administrator to make sure the employees are usin

if you type in your url and it comes back with https, that means that you're protected. it's all supposed to be thi behd this type of encryption. there is a flaw, a programming error, a mistake that somebody made that allows them to essentially get this there and get those user names and passwords, ask for more information than they're really allowed to have, and they can basically stumble on to your user names, passwords. if they have the encryption key they've got the whole game. >> now wait a minute. now that we know that this can happen, what is there for us to do at this point? >> reporter: well, that's the frustrating thing about this. it's not something that you and i can do. it's something that the big companies of the world, the yahoos and twitters and facebook have to deal with on their side. they then have to let us know okay, we've updated the system. if you were to change your pass ward right now, you would be handed it in to a compromised system any way. wait a couple of days and then change your passwords. especially if you have the same password and you u

you will notice the sites many begin with https.nds for secure but it turns out that may not have been the case with the so- called heart bleed bug. it could impact up to two- thirds of all websites. it was discovered by a security firm until finland working with google. they are using a security software known as open ssl. hackers can potentially access things like pass words and credit card numbers without anyone even noticing. and the real troubling part about this is the heart bleed bug has been in existence for the past two years but the problem was just now discovered. and this issue is so serious that the u.s. government is now advising businesses to check for online vulnerabilities. many websites and businesses are scrambling to come up with fixes and update their software. now as far as what you should be doing as a computer user at home, there is a bit of conflicting advice here. some websites are urging users to change their pass words right away. but others say that may not be a good idea because going on to a site that

certain addresses begin with https - i am sure you have seen it. accompanied by a closed green padlock. it's supposed to be secure. heartbleed creates an opening, making the site vulnerable to hackers. it exposes data in up to two-thirds of the websites, and is believed to have been around for two years, prompting a series of federal websites to be shut down in canada. >> more than three-quarters of canadian taxpayers filed income tax returns online through the canada revenue agency. anyone attempting to beat the deadline this week got first hand experience of the heartbleed worm. on wednesday the agency shut the web file services down, and now the website has been suspended, those that use the open encryption software. they are a precaution, no security breaches have been detected. doesn't mean they haven't happened. >> given the scale and scope of the vulnerability, it affects the majority of users on the web around the world. it's a matter of time before we see some were compromised. the mathematics points us in that direction. the list is growi

now, when certain websites begin with the letters https, accompanied by a closed green padlock they are supposed to be secure. heartbleed creates an opening. making it vulnerable to attackers. this has disposed the data in up to two-thirds of the world's website. and is believed to have been around for two years. that's prompted canada to shut down a series of websites as daniel black explains. >> more than three-quarters of canadian taxpayers filed income tax returns online through the website of canada revenue agency. anyone trying to beat the deadline had first-hand experience of the heartblad worm. on wednesday the agency shut down web services and the government suspended internet sites of other department using the open ssl encryption software. the closures are a precaution. no security breaches have been dedebited. doesn't mean it hasn't happened. >> given the scale and scope of the vulnerability, it is vulnerable. it's only a matter of time before we discover some of them were compromised along the way. the mathematics absolutely points in that direction. >> the list of well-kno

http negotiation third now i know working level. they're expected to go through tonight. ginny us not to nhk world tent camp. officials involved in and help all reacted swiftly feel i must remark on the second time as they didn't make it their crimes of that entry. some courts use in japan security treaty. it is a quarter mile to cool. and if allah not to harm with tennis tutorial sovereignty. the lights for one a space to express a sense of how my form on good friday only to the administration on the itunes or territorial rights. how sad that all parties involved should count the disc is and seek a peaceful solution. today she threw it down on. the mom often encourage men to japanese who want to get their loved ones back from north korea. he spent with the relatives of people who got abducted on the orders of the economy and in the nineteen seventies and eighteen seats. the kids that obama for private school. she really easy and nice then too she called and said he had called on the pentagon could have done that he can form team. i was stunned and then to support obama i

that because that's the thing i know it you're speaking world in bolivia there is definitely a new http biscuits did get my act and those who actually abide by the traditional images that's it i keep the peace is reputed to be skewed to draw mostly unused in the pasta into the box. we should be priced at. now reached number one in its opening weekend in the united states topping over forty five million dollars the film is now set to double the amounts until june on sunday by two thirds and one. in london. the iconic paintings but the world renowned artist claude monday and christie's impressionist and modern art sale in new york next month june eighteen oh seven pm to one of the least valued at thirty five million us dollars is part of a collection of masterpieces by bringing art to cast an informal featuring a year in hong kong. morning for two days of this exceptional quality didn't appear on the auction market very often. what's doubly excited that this painting is the fact that it's been hidden from view for nearly eight years old by the presenter in nineteen thirty and not seen sin

http new theory warm welcome and at the top of this. we look at the ongoing tensions the new crises. the ukrainian government has confirmed that six ahmed vehicles of the army of knocking the hands of pro russian activists from the city of kufa towards the vehicles will cause of what the government is called an anti operation against um pro russians in the east of the country to have taken on the pounds of government buildings. if you like to do them into the conduct of the on call when the day with the lead vehicle bearing the russian flag. it was not immediately clear whether by it that after one of the pro russian activists or handed over to them by ukrainian disasters. another fifteen ahmed to carry is full of car trips were surrounded and halted by a pro russian crowd at a town near any evidence they were allowed for trees on the top of the soldiers and handed over the firing pins for their rifles to rebel come on. sunday ukrainians our government's operation to recapture the east and thomas controlled by pro russian support is now

that because at that meeting i met a jewish baby more than a millennium and he's definitely a new http biscuits that the last thing those who actually can abide by the traditional religions. that said i do think this is a great deal a two piece cute. great news at all costs. tonight we should be priced at. now i've reached number one in its opening weekend in the united states topping over forty five million dollars the film is now set to double the amounts until june on to the right temperature and wind. in london. i. davidson known for there should be torn bikes built for the open highway has unveiled a new light. harley like a new model has released four with an expected retail price of six thousand five hundred to seven thousand five hundred us dollars to st will be the most affordable by the company of book marketing years in the first u s small bike bring the holy name in over fifty years the harley davidson motorcycles are known as hogs are usually bigger heavy bikes suited for the open road to be incredibly stable on the highway on so they wouldn't be as suitable for a city env

welcome to http news for by jingle and would not. us president barack obama said that america's mutual cooperation and security treaty with japan applies to the wy loans gone into the center of a territorial dispute between china and japan. obama many perspectives in a written response to questions published in the u he she would use paper before his arrival in tokyo the japanese newspaper said it is the first time that a sitting us president clearly stated the disputed islands awsome get to that received. he also commended japanese prime minister shinzo of ace efforts to strengthen japan's defense forces including reviewing existing limits on their collective self defense the us president is expected to arrive and take a lifetime to kick off and eight se asia pacific tuna which were also taken to south korea malaysia the philippines. so obama is the asia pacific tour will not include china but that doesn't mean chinese policies in the region would be on the agenda. cctv is white house correspondent justice stone reports from washing

that because i'm active feeding i know it you're eating more than a woman in every definitely a new http this is it that much to those who actually can abide by the traditional religions. that's it i get the pieces like the motueka skewed to the amusement of the pasta in the box to jonathan should be priced at now i've reached number one in its opening weekend in the united states topping over forty five million dollars. the film is now set for global drug routes until june. i'm cindy watson fridge and one. in london. i the one of the most highly prized pieces of chinese porcelain on the planet has sold for thirty six million us dollars. these auction in hong kong to the new world record for any piece of chinese porcelain ever sold these two teacups were first treated in that same two of rain in the fifteenth century the last couple offered for sale with the nineteen ninety nine and then established a record for any chinese work of art that cup soldier talks and is one of only four to concoct a meeting in private hands. it has gone to extraordinary did in rome i'm in shanghai the collect

mail the homepage and search more secure by making https encryption the default. haveomberg an exclusive interview with defense secretary chuck hagel. you can catch the full interview at 6:00 a.m. eastern. in today's new hollywood, discovery communications is partnering with hollywood producers ron howard and brian grazer to form a new studio that will make short videos for online viewers. the venture is called new form. ceo davido discovery stanislav and producer ron howard in a bloomberg exclusive. why now was the right time to push into the digital game. >> our core mission is to tell great stories. the way we have been doing it is through our channels. we have been growing market share. and we have had a hell of a ron. it is not just on the tv set. journey.d on this we launched 90 youtube channels. we also bought a leader in nonfiction streaming. does almost half a billion streams a month. and we build the streaming business. how to distribute it, how to monetize it. space,u look at that there is nobody playing hard in the scripted area. who are the best story

balada, http://www.youtube.com/watch? noticias univisiÓn 14 a las 6. >> ¿quÉ tal? muy buenas tardes. le saluda marÍa leticia gÓmez >> y william bonilla. >> empezamos con la decisiÓn histÓrica que tomó la liga de basquetbol, la nba, que beto de por vida a donald sterling despuÉs de que salieron a la luz sus comentarios racistas. >> no importa el dinero y la fama cuando el racismo estÁ en el centro de la polÉmica. el caso dio la vuelta al mundo. william. >> ¿quÉ tal? de cierta manera habÍa dejado mal parado a la nba pero hoy sacÓ disparo y se ha anotado una canasta que quedarÁ en la historia. [habla en inglÉs] >>el que quiera hacer un comentario racista en la nba deberÁ pensarlo dos veces. cero tolerancia fue lo que se mostrÓ hoy con el comisionado de la nba. veto de por vida y una sanciÓn de 2.5 millones de dÓlares para el propietario de los clippers, donald sterling. todo como consecuencia de los comentarios racistas que salieron a la luz en una grabaciÓn de una conversación con su novia. se trata de la sanciÓn mÁs severa

special encrypted page" with beefed up security - in the u=r=l box you will see an "s" appear after the "http that is how you know the page is encrypted and safe - that's where this heart=bleed bug exists. inside that encryption technology. - the danger is only on those websites using the encryption system "open = ssl". - but, as i mentioned. a lot of the web uses it - leaving most internet users. at risk. >> we're talking major main stream websites like yahoo, flickr, some other top sites - including facebook, google, wiki=pedia, amazon, twitter, apple and microsoft - are not currently vulnerable, but they may have been in the past. >> it is nice to have protection and not constantly having to change your passporpassword's. >> >> still ahead on the kron4 new spirit we will tell you about a new push for peace. this morning this is falling three sexual assaults near elementary schools. >> we also have >> an norovirus concerns that are ending up today on board a california cruise that are ending up today on board a california cruise ship. bulldog: [yawning] i can't wait to get to mattress disco

and you are about steal see and asked appear after the http the site of the pages encrypted and safe.ere the heartbeat lead bog is. and said that encryption technology. the danger is only on of upsets using encryption system. what of the lobby is it living most internet users at risk. but major went mainstream websites here. now or in the past. says like yahoo flicker know what to pr ends on twitter and at microsoft. today's companies are reported the i have patched the securities flaw. what she did you do now to protect itself change all passwords everyone just to be safe. here's the hard part best to say change has for the after website has touched the hearts bleed security hole. hopefully companies will the bill users after the of gun that. i know it's frustrating every other week online security breach in were told to change our pastors is starting the cit feel like changing passwords is no longer enough. it said that come to this company's will protect you if your financial information is taken from one leaves. it's nice to have that protection not constantly changing passwords.

so a huge preponderance of them are impacted and just to explain when you see the https, in your url at top of the web page, the s is the secure part. i thought this was industry standard. >> it was a industry standard and this was a version of software used by half a million sites or more representing 2/3 of all the sites on internet. gerri: wow. >> it was just one of, like when you get update notifications say, update your software with a patch. think of it, patches for software is equivalent of ants at a picnic. you will see the bugs and they will patch the bugs but this is one where everybody missed the bug. they missed the hole in it and there was such exposure to information. gerri: so i understand there's a fix in the works? >> there is a fix in the works. many sites have already installed the patch. and they're notifying their users literally one by one with the sites. it is a lot of big sites that have had issues. gerri: like? >> google had, they talked about it. yahoo! talked about it. gerri: wow. >> tumblr, a number of those sites. the important thing is, don't change your

it says https. the s is supposed to stand for security but that may not always be the case.iscovered by a security guard in finland working with google inc. they are using open ssl. computer experts estimate hundreds of thousands of webs can access things like pass words or credit card numbers. the real doubling -- websites and -- as far as what you need to know as we bring you back out here live security experts say users shouldn't necessarily rush to change their pass words because activity on potentially vulnerable sites could only make things worse. live in san francisco alex savidge ktvu channel 2 news. >>> yahoo one of the sites effected by this breach and some internet security firms report they have been able to find secure information from yahoo users by exploiting the software flaw but the search engine says it has issued a patch for the main site along with yahoo mail, finance, sports, flicker, and tumbler. other tech giants have also imemployment -- implemented the same security patch. it's also a good idea to contact small businesses that may have your informati

when the website begins are https, and there a closed green pad lock they're supposed to be secure. but heart bleeds creates an opening, allowing hackers and attackers to get inside. the flaw has potentially exposed sensitive data to two-thirds of the website, two-thirds of the website everywhere. in one country, canada, they've shut down a series of government websites as a result. daniel lack reports. >> reporter: more than a quarter of canadian taxpayers filed their tax reports online. but anyone efforting to beat the end odeadline. government has shut it's website services down and suspended our departments that use the software. no security breaches have been detected, but that doesn't mean that it hasn't happened. it's global and affects the vast majority of servers on the web around the world. it's only a matter of time to discover that some of them were compromised along the way. the mathematics absolutely point us in that direction. the list of well-known internet firms hit by heart bleed is growing. google, facebook and others say they have fixed the bug. others are racing

think going to a website, https. s means secure. how you know you're going to a safe website.hin about this, in the last couple years if you've gone to these sites with the security, it doesn't mean your information has been safe, leading potential hackers ute liesing a tool allowing one computer to access another online called the heartbeat check. with that app the hoertbeat check can force a computer to divulge secret information, including the keys to the encoder. user names, passwords, all that sensitive data is up for grabs. sorry to sas, gets worst. the matter bleed bug leaves no traces. you have no idea when or if you've been hacked. sites are scrambling to get rifd the bug. might be daying or weeks before the entire web is fixed. what can you do tab? you might have to sit tight because a lot of these websites are still trying to update their code and get rid of this bug, but once they have, you should definitely go in and change your passwords and as always be very cautious about the information you put out there. >> all right. thanks so much, lauri. as we just heard f

that runsre is a bug the secure website, the https websites and things like that, lots of websites, anywhere from 500,000 to one million or even more use this basic kind of software. what is interesting as it is open-source software. a company did not put it out. it is an open source immunity where people of their own time volunteer to write code to make things better on the internet. and it turns out that they ssled -- the open community made a mistake in coding. a simple mistake that was i inadvertent. vulnerability that has existed for over two years because it was released in march 2012. there are so many eyeballs on it. one of the other iconic examples of open source stuff is the leading operating system, which runs lots of the servers that runs lots of websites. i would bet heavily that c-span servers are run with the linux operating system. there are lots of people looking at this code and find boehner abilities and one of the ways you increase your status and get a better job is to find boehner abilities or to write more elegant code. the problem with this open sll very manyere weren

the way you know kind of what this is about, you know how when you go to a banking site you see httpsthere's a lock that appears, that's when you're supposed to be having an encrypted session. everything that you send back and forth to that servers -- >> is not what it means this. >> it's supposed to be secure, but the problem is they left this lock capable of being picked, because they didn't write the code quite right, so right now a bunch of companies are racing to apply a patch to servers, issue new certificates. >> why is it so scary? >> it's been there since december of 2011. the past two years we've been thinking we've been going inside a secure building when we get on the web, but there's a window open, so we're not exactly sure how much it's been exploited, so there's not much we can do other than march around the web and demand that our web sites iffics it. that's up to the i.t. departments. >> they know how to fix it. but the trouble is, a, you don't know whether the site you used has been exploited. you have to go out there and search around, plug in the server name to see

. >> any site that you see in your browser with a little lock or you see https, that's employing what's known as ssl or tls type encryption and any site that's using that is a potential compromised victim. >> reporter: some of the make tech sites like youtube, wikipedia and others say they have addressed the vulnerability and fixed it. others like paypal, chase and linked in say they were not affected. >> lastpast.com/"heartbleed" is excellent which is good on whether sites are vulnerable. >> reporter: if you are tempted to change your password, you may hold off. >> if you choose a new password now and then the site fix the problem you just have to choose another new password in a couple of days when they implement the fix. >> reporter: if you have some critical banking do it in person or on the phone. >> i would stay away from your banking site. i would stay away from your bank's mobile app as well. >> reporter: but it's up to the websites to ensure security for its users. >> we'll make sure your password is good. we also have something called two step authentication where you have to

it would have to have some kind of caught in the case with all people the dollar was on http en. and then after that we set up the issues was mundane and it was the key to negotiations with during the negotiation applied going to have some kind of communication with the topic and does the dishes with intent and the people we signed the agreements we are going to have some kind of communication was. and then after that we signed the opening so we have the force that countries can this was one another peice that people are rewarded especially if he was smitten so we have a national security team. between scheme too. so we have to step on me she knows you are a few more into the scheme. the first one is in sight. they say is that the un. okay okay and then another step will be on missional secrete the console so i'm going to have to step off mission a scary few more entries keep so hopefully we can re use people's war neo nationalists coming teachers at the end of given the fact that we are not looking that good service trade agreement hopefully he can be rather high but the deal wa

because that's the thing i know it you're speeding more than a woman in a raised deck via the new http has it that much to those who actually can abide by the traditional religions. that's it i get the pieces like the motueka skewed it on the evening news when the pasta in the us to jonathan should be priced at now what makes double blind in its opening weekend in the united states topping over forty four million dollars. the film is now set to double the amounts until june. i'm cindy watson fridge and one. in london. i. the i see some diehard gary and started to post for the parliamentary elections it's expected to current prime minister viktor open and his center right to dispose he will delete the post but the chances of winning a majority of lower than previous elections the leaders' commitment to cut household energy bills raise teacher salaries cut the budget deficit and hike taxes on banks have not been entirely overshadowed by political infighting and place for oppression of the press despite the expected outcome is one political party which could steal the show you this week a

. - in the u=r=l box you will see an "s" appear after the "http". - that is how you know the page is encrypted and safe - that's where this heart=bleed bug exists. inside that encryption technology. - the danger is only on those websites using the encryption system "open = ssl". - but, as i mentioned. a lot of the web uses it - leaving most internet users. at risk. we're talking major main stream websites like yahoo, flickr, some other top sites - including facebook, google, wiki=pedia, amazon, twitter, apple and microsoft - are not currently vulnerable, but they may have been in the past. gabe slate kron 4 news. change all your password to just to be safe. i know this is frustrating. it seems like every other week there some online security breach and we're told to change passwords. it's starting to feel like changing passwords is no longer enough. you might want to consider identity theft insurance. it's sad that it's come to this book companies will protect you if your financial information is taken from one of these breaches. it's nice to have that protection and not constantly b

and you are all box you'll see an end as a pure after that http.pages encrypted and safe. that's where the tar bleed blood exists. as a guide that caught encryption technology. a lot of levees that a living most internet users at risk. what she do do now upset yourself and all passwords every one of all. just be said. he's a hard part is best to change passwords after a website has patched the security role. copley companies or e- mail users ones that have done that. >> : but said that come to this but average of tended to dollars a month the do that or is this an era of your identity is taken or somebody gets your financial information you're protected against identity theft you might want look into that. >> : this is schools getting a large trade lower grades. airlit are getting c's and d's. >> : most of our districts will perform any better than they did last year in fact more than half of them performed less than the performed last year. those districts performing at the highest rate dublin valley and south severs the scup received a c plus. sy

. >> so this is when people see https on their browser, they see the lock, they think that everything's defect, right, in the way this was written on the server side, ne'er do wells can tell what you're communicating with the site, passwords? >> essentially, that's correct. it definitely is tied to the https that you see, the lock that you see, because the bug is an encryption library that's popular with many companies on the internet. but it isn't a bug in encryption. it's a bug with simply has access. >> ken, we were talking during the break has this has to be fixed on a site-by-site basis. you said tumblr has moved to plug the gap. if companies can plug the gap, why didn't they spot it before the researchers? >> unfortunately, the bug has been out there in the wild for a long time, without being -- without being caught. once it was caught and once -- once it was announced early this week, all of the companies that were affected found out about it and started to take carest issues. >> i was talking to a security expert this morning who was saying no point in just changing your passwor

my great-grandfather came here from ireland, and we http://upload.youtube.com/clos_0 can look around the state of mississippi where we don't have the kind of immigration, and in the mid-'60s when this was going on, we did not have the kind of immigrant of today. we had yugoslavs who fled the turn of the century. we had syrians who fled at the turn of the centuries, christians who had tried to escape and ended up in our neck of the woods. he couldn't get in new york. they and came up the river. the purpose you talked about is obviously something that has to be part of immigration policy. it has been mentioned, i cochair the immigration reform task force for the bipartisan policy center. equity is what this has to be about. that is with president johnson was trying to accomplish. as we have immigration reform, as i believe we will in the future, it has to be equitable. >> we want about where we are with immigration reform. we will talk about the gang of eight. that is an excellent direction to move in. let me talk to you, mayor castro. in terms of immigration as a civil right. is that

it >> : will hardly does it removes the vest from http ask that as guaranteeing the site is considered a crooked tree >> : sites like amazon google and yahoo have changed encryption and urged users to change passwords. now new concerns hackers can also use heart bleed to steal the sites actual securities certificates. that would allow them to set up phony websites that look like the real thing. it's not just your password at risky could be fooled by a hacker citibank. washington post broke the story today the only real fix is for website to revoke the vulnerable security certificate in get a new one every time you go on-line computer would have to go through the entire list of potential 500,000. the process is roughly equivalent of having to download 30 minutes of video just review a single web page. don't be surprised that spending will states on a screen longer than usual. >> : encouraging news is that ceiling goes to keep security to thicket's is not easy to contain millions of tries for a hacker to successfully steal your info. will show you a one- of-a-kind shipment heading for a

you probably noticed this, the web across that often begins with https, well, the s is supposed to standecure. it does stand for secure but it turns out that hackers in many cases have been able to bypass encryption software with this so-called bug. it's possible up to twof thirds of all website -- two-thirds of all websites have been impacted. it was discovered by a company in finland. hackers can potentially access things like pass woerds and credit card information -- pass woerds and credit card -- passwords and credit card information without people noticing. this has been in existence for the past two years but was just discovered. some people in the city say it's truly a mistake to think your information is truly safe online. >> hackers can figure out a way to information or anything at this point. more and more people get the skills, i think electronicically, it would be very -- >> reporter: there's conflicting information about what users should be doing in response to this bug. some websites are urging their users to create a new password. there are security experts say that's n

in the url box you'll see an "s" appear after the http.e is en crypted and safe where this heartbleed bug exists inside that encryption technology. the danger is only on those websites using the encryption system open ssl. a lot of the web uses it leaving most internet users at risk. keep in mind we're talking about major mainstream websites here that are believed to be affected by this security hold now or in the past because its been there for two years. sites like yahoo, flicker, facebook, google, amazon, twitter, apple and microsoft, some of these companies have already reported that they have hatched the security flaw, so what should you do now to protect yourself? change all your passwords, every one of them, just to be safe; however here is the hard part. it would be best to change passwords after a website has patched the heartbleed security hole. hopefully companies will e-mail users once they have done that. i know this is frustrating but it seems like every other week there's some online security breach and we're told to change

twitter,nt to share on http://twitter.com/cspanwj. let's start with paul in wisconsin. how are you? caller: i'm good. my paper is the post-crescent. i don't u subscribed to it anymore. when walker ran for governor, i got my paper one day and i saw a -- i'm a democrat and it ticked me off. how dare they be that biased. they have a page that says dumpe doyle. host: what did you like most about it? caller: i like to reading their commentss and their where people would write in. it was a good thing to take to work and read on my breaks. coupons on lot of sunday. doylethey did their dump thing for scott walker, that was the end for me. host: chris in wisconsin. i read the milwaukee journal sentinel. i've gotten disappointed because it has gotten thinner over the years. i will read it every day because whatthe only place i get governor walker is doing. it's not on our local news. people should really know what he is doing. i do like it because i get more information than i do on the news programs on tv. host: you get it for the political reporting. caller: yes. host: mr. edmunds talked ab

think about when you go to a website that says https. s means secure.this hack. your information hasn't necessarily been safe. heartbleed lets potential hackers utilize a tool to test if another computer is online. with this hack, the heartbeat check could force a computer to diverge secret information, including the keys to the encryption code. once hackers have the keys to this, it's potentially game over. your user names, passwords, all that data you thought was safe is up for grabs. the heartbleed bug leaves no traces, so you have no idea if or when you've been hacked. of course, these sites are scrambling to get rid of the bug, but it may be days or weeks before the entire web is fixed. what can you do about it? right now you might have to sit tight. a lot of these websites are still trying to update their code. once they have, definitely go in and change your passwords. as always, be very cautious about the information you put out there. >> our thanks to cnn's laurie segall. back to you. >> thank you very much. >>> so these sonobuoys. what are the

when certain website addresses begin with the letter https, a company by this green closed pad lock, they are supposed to be secure. but heartbleed crates an opening making the sites vulnerable to the attack, potentially exposes sensitive data and up to two-thirds of the world's websites. it's a imagine problem. it's believed to have been around for at least two years and in canada, at least, they have shut down now a series of websites. >> more than three quarters of canadian taxpayers filed oim online through the website canada revenue agency. but anyone attempting to beat the deadline got firsthand experience of the heartbleed bug. >> on wednesday, the agency shut its web file services down and now the government has suspended internet sites of other departments that use open ssl en description. canada says they are a precaution, no security breaches have been detected. >> doesn't mean they haven't happened. given the scale and scope of this, it affects the vast market of servers on the web around the world. it's only a matter of time before we discover that at least some of them

guest: there is a bug that runs the secure website, the https websites and things like that, lots ofsites, anywhere from 500,000 to one million or even more use this basic kind of software. what is interesting as it is open-source software. a company did not put it out. it is an open source immunity where people of their own time volunteer to write code to make things better on the internet. and it turns out that they opened -- the open ssl community made a mistake in coding. a simple mistake that was in inadvertent. it has been a vulnerability that has existed for over two years because it was released in march 2012. there are so many eyeballs on it. one of the other iconic examples of open source stuff is the leading operating system, which runs lots of the servers that runs lots of websites. i would bet heavily that c-span servers and pew servers are run with the linux operating system. there are lots of people looking at this code and find boehner abilities and one of the ways you increase your status and get a better job is to find boehner abilities or to write more elegant code