The HeartBleed bug is not an easy thing to explain to non-techie people, but basically it means that that certain versions of OpenSSL, used to provide internet security worldwide, are vulnerable and allow protected information to be read. Read my lips: this is a huge problem.
Since this is a mobile-focused site, I am restricting this article to mobile. The implication is that a hacker can potentially use the bug to break into your device and steal passwords and other sensitive information. On mobile, it is a two-pronged issue: your device (smartphone, phablet or tablet), and your apps.
I found two Android apps that claim to be able to detect whether your Android device is vulnerable, Hearbleed Detector and Heartbleed Scanner. After installing and running the former, the verdict I got was that though the version of OpenSSL on my Nokia X is affected by the Heartbleed bug, the behaviour is not enabled and so I am safe.
The second app, Heartbleed Scanner confirms same, but also scans individual apps to see which are vulnerable. According to this app, BBM contains a version of OpenSSL with the behaviour enabled. Meaning: BBM is vulnerable. At least according to the app. Bummer: there goes your BBM password and perhaps all your private chats. At least, if this app is true blue.
If your device is affected, it needs to be patched by Google or your device manufacturer. If an app you use is affected, it needs to be patched by the developer. In this case, if this diagnosis is correct, BBM needs to patch this app right away, and then I will need to change my password. There isn’t any point changing my password till it is patched.
Scan our Device!
The version of BBM on the Nokia X is likely different from the version on regular Android phones. The way to be sure about yours is to download Heartbleed Scanner to your device and run it for feedback. Is your device safe from the bug? How many apps on your device/s are affected by the bug?