Community Search
Website News
Blog Home All Blogs
Search all posts for:   


View all (8) posts »

Heartbleed Headaches: Tips, Thoughts, and the What Now?

Posted By OSHEAN Web team, Wednesday, April 30, 2014
Updated: Wednesday, April 16, 2014

News about the heartbleed bug spread rapidly--although, as is often the case, no such news can ever come soon enough. Nothing quite addressed my early questions about the Heartbleed bug like Randall Monroe's most recent comic in XKCD:

Heartbleed Explanation

But, naturally, an understanding of the nature of Heartbleed only paved the way for more, increasingly frantic, questions. As a non-health care, minimal-impact internet user, I was concerned. Does this truly affect me? In what way(s)? Is my phone safe? (What do you mean, “No?”) What can I do to protect against a problem like Heartbleed?

Fortunately for users like me, the author of the heartbleed bug test site, 19-year-old Filippo Valsorda, conducted an AMA on Reddit Tuesday evening. In his comments, Valsorda provides three quick tips to the average internet user concerned with defending her/himself from Heartbleed:

  • Install the Chromebleed or Foxbleed browser extension and do not log into the sites that trigger an alert.

  • Think hard about all the important accounts you have, and change the passwords there (always a good thing). REMINDER: using different passwords is more important than using complex ones, write them down on paper if you need!

  • Wait for statements by the affected websites about what might have been leaked.

In terms of external threats to your safety, it seems that most of the sites and systems affected have worked quickly to curtail any further problems. Dan O’Shea, Managing Editor at LightReading, notes that “Cisco Systems and Juniper Networks are among the latest technology companies working to address potential problems related to the Heartbleed OpenSSL bug.” And this list, compiled by a team at Mashable, examines the popular sites that were affected and provides updates on their statuses with regard to the bug. It is with great relief that I inform you that because the platform doesn’t utilize OpenSSL, users of the YM platform (which include OSHEAN) were not impacted by Heartbleed.

So what’s on the horizon, and how can the next Heartbleed be prevented? Nathanial Mott, contributing writer to PandoDaily, has some interesting thoughts. Mott proposes that Heartbleed represented a “digital version of the bystander effect…[t]his is like that, except it threatens the foundation of online security, and the crowd is so massive that it’s amazing that anyone even bothered to look for the Heartbleed bug in the first place.” It won’t be easy, but now come the long-overdue repair efforts, and hopefully more updates as things progress.

Tags:  heartbleed  oshean  xkcd 

Share |
Permalink | Comments (0)
more Latest News

Did You Know?

Association Management Software Powered by YourMembership  ::  Legal