Skip to main content
  1. Home
  2. Computing
  3. News

How to check if your favorite websites are vulnerable to the Heartbleed bug

By

Update: 4/11/14 4:56 pm ET:  McAfee, a popular developer consumer and business-level Internet security programs, has created a Heartbleed scanner of its own. You can use it to scan your favorite websites and check if they’re vulnerable to the OpenSSL flaw. Check it out here.

Original story

By now, you’ve probably heard of the Heartbleed bug; the flaw in the OpenSSL method of data encryption that lets hackers steal user names, passwords, emails and instant messages, credit card information, and more, while also evading detection. For the most part, aside from changing your passwords and avoiding sites that have allegedly been affected, there’s not much else you can do to combat the bug. However, Qualys, a Web security firm, has developed a tool that lets you scan any website to see if it’s vulnerable to the Heartbleed bug. It’s easy to pull off, too: here’s how.

Recommended Videos

Go to the Qualys SSL Labs page here, type in the name of a website, and click “Submit” to assess its vulnerability to the OpenSSL Web encryption bug. When the scan is complete, you should see a notification telling you whether the site is hit by Heartbleed.

Related: 
The 8 best TVs for gaming in 2025, as vetted by our experts

It’s worth noting that the feature is labeled “Experimental” on the site. In our experience, it took up to a minute to complete a scan, and timing varied from one website to the next, so we urge you to exercise patience when using this tool to scan your favorite page. Digital Trends reached out to Qualys to find out what “Experimental” means precisely, and get their thoughts on the seriousness of Heartbleed. We will update this story when they respond.

Alternatively, LastPass, an online password security firm, also has a Heartbleed scanner of their own that works just like the Qualys scanner does. You can check it out here to scan sites, if you’re interested in a second opinion. On top of that, Flippo Valsorda, a software developer put together a Web-based scanning tool of his own, which you can check out and use here. There’s also a Google Chrome browser extension called Chromebleed which should tell you whether a website you’re using is affected by the Heartbleed bug.

It looks like we're safe!
It looks like we’re safe! Image used with permission by copyright holder

There are also a couple of Android apps available in the Google Play Store that claim to scan your phone or tablet and tell you if your device is using a version of OpenSSL that’s vulnerable to the Heartbleed bug. One is called Heartbleed Detector, the other is dubbed Bluebox Heartbleed Scanner. For detailed guides on Android, iOS, BlackBerry, and Windows Phone devices, read our How to Protect Your Android from Heartbleed Guide and Android, iOS, and Windows Apps Affected by Heartbleed.

Be sure to read our guide to What the Heartbleed OpenSSL Bug Is and How to Protect Your Android from Heartbleed Guide. We also have a robust list of Android, iOS, and Windows Apps Affected by Heartbleed, Websites affected by Heartbleed, and Video Game Services Affected by Heartbleed.

What do you think? Have you used any of these tools? If so, have any of your favorite sites turned out to be vulnerable to the Heartbleed bug? Help us build a list of affected sites below, to raise public awareness.

Image credit: http://s3.amazonaws.com

Konrad Krawczyk
Konrad Krawczyk
Computing Editor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
Topics
AMD’s RDNA 4 may surprise us in more ways than one
AMD RX 7800 XT and RX 7700 XT graphics cards.

Thanks to all the leaks, I thought I knew what to expect with AMD's upcoming RDNA 4. It turns out I may have been wrong on more than one account.

The latest leaks reveal that AMD's upcoming best graphics card may not be called the RX 8800 XT, as most leakers predicted, but will instead be referred to as the  RX 9070 XT. In addition, the first leaked benchmark of the GPU gives us a glimpse into the kind of performance we can expect, which could turn out to be a bit of a letdown.

Read more
This futuristic mechanical keyboard will set you back an eye-watering $1,600
Hands typing on The Icebreaker keyboard.

I've complained plenty about how some of the best gaming keyboards are too expensive, from the Razer Black Widow V4 75% to the Wooting 80HE, but nothing comes remotely close to The Icebreaker. Announced nearly a year ago by Serene Industries, The Icebreaker is unlike any keyboard I've ever seen -- and it's priced accordingly at $1,600. Plus shipping, of course.

What could justify such an extravagant price? Aluminum, it turns out. The keyboard is constructed of one single block of 6061 aluminum in what Serene Industries calls an "unorthodox wedge form." As if that wasn't enough metal, the keycaps are also made of aluminum, and Serene says they include "about 800" micro-perforations that allow the LED backlight of the keyboard to shine through.

Read more
Google one-ups Microsoft by making chats easier to transfer
Google Spaces in Google Chat on a MacBook.

In a recent blog post, Google announced that it is making it easier for admins to migrate from Microsoft Teams to Google Chat to reduce downtime. Admins can easily do this within the Google Chat migration menu and connect to opposing Microsoft accounts to transfer Teams data.

Google gave step-by-step instructions for admins on how to transfer the messages. Admins need to connect to their Microsoft account and upload a CSV of the Teams from where they transfer the messages. From there, it requires just entering a starting date for messages to be migrated from Teams and clicking Star migration. Once it's complete, it'll make the migrated space, messages, and conversation data available to Google Workspace users.

Read more