The OpenSSL flaw named Heartbleed is pretty huge. Bruce Schneier: “On the scale of 1 to 10, this is an 11″ If you connect to an SSL-/TLS-based service and it’s not running Microsoft Windows or Apple OS X, it’s vulnerable. Even computers running Windows or OS X (which are not vulnerable by default) could be running software or services that are vulnerable. To mitigate the OpenSSL bug means interrogating your own environment and researching those you connect.”]