ADVERTISEMENT
Advertise Here

The Tech Deck

Heartbleed: OpenSSL Vulnerability that affects EVERYONE

Hey everyone, this is really important: Avoid the internet for a while and change all your passwords to everything. This is not a joke. They discovered a bug in OpenSSL, which powers like 2/3 of the internet. It's really, really really bad.

If you are using the same password for most sites you visit, it is urgent that you change at least your banking and email accounts and any other high risk/high security websites you may use.

They've already confirmed that Yahoo is/was vulnerable along with a huge chunk of websites on the internet. Most of the major websites have already updated their software, but if they were compromised prior to that your, data and passwords still need to be changed.

To see if your website or a website you use is vulnerable, run the url against this Heartbleed test: http://filippo.io/Heartbleed/

I'll keep you posted on the status of the Spokesman-Review's websites.

UPDATE:

I confirmed with our tech support team that none of the Spokesman-Review's websites (spokesman.com, nwprepsnow.com, etc) were vulnerable to this particular bug because we were using a different version of OpenSSL. If you have any questions regarding the security of any of our sites, please email webteam@spokeman.com and we'll be happy to chat.

For more information, check out some of the following links:

Technical details:

http://heartbleed.com/

http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html

http://krebsonsecurity.com/2014/04/heartbleed-bug-exposes-passwords-web-site-encryption-keys/

News:

http://www.bbc.com/news/technology-26935905

http://www.forbes.com/sites/jameslyne/2014/04/08/heartbeat-heartbleed-bug-breaks-worldwide-internet-security-again-and-yahoo/

http://www.cnet.com/news/heartbleed-bug-undoes-web-encryption-reveals-user-passwords/

http://www.pcworld.com/article/2140920/heartbleed-bug-in-openssl-puts-encrypted-communications-at-risk.html

Updates from popular sites:

https://blog.heroku.com/archives/2014/4/8/openssl_heartbleed_security_update

http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html


Please keep it civil. Don't post comments that are obscene, defamatory, threatening, off-topic, an infringement of copyright or an invasion of privacy. Read our forum standards and community guidelines.

You must be logged in to post comments. Please log in here or click the comment box below for options.

comments powered by Disqus
« Back to The Tech Deck

Get blog updates by email

About this blog

All your tech are belong to us.

Latest comments »

Read all the posts from recent conversations on The Tech Deck.

Search this blog
Subscribe to this blog
ADVERTISEMENT
Advertise Here