HEART BEAT BUG BLOG
HEART BEAT BUG BLOG, say that fast, five times. Unfortunately, it's a serious thing. NPR's Steve Henn, this morning, reported on this bug that effects predominant open source encryption throughout the Internet.
If you use Facebook, Yahoo, Google, work email, banking or do any online purchasing — then you are vulnerable through the Heart Beat Bug (HBB). The HBB falsely communicates with a server and says, "Hello, are you there?" and then the server answers "Yes, I am!" It then continues to communicate asking for encrypted information by downloading Short Term Memory (STM) RAM to its server.
It was discovered last week by Finnish researchers and the world has been trying to plug the hole in the proverbial dike since then. There's not much you can do at this point except to stay off of your bank website and also not make any purchases. Supposedly, by Thursday or Friday most websites will be secure again, and it is then advised that you change all of your passwords. This means that the whole world will be changing their passwords, so I'd say be in the mood for some slowdowns on the web as well. Maybe. Maybe not.
I think it is also very advisable to change the way you create your passwords. For example, if you are someone who likes birds and you've been using this as a password: "Bluebird#14" (matching a bird name with the year). Don't change it to "Sparrow#14." Change it to something entirely different. Yes, pain in the butt, but advisable.
It was discovered last week by Finnish researchers and the world has been trying to plug the hole in the proverbial dike since then. There's not much you can do at this point except to stay off of your bank website and also not make any purchases. Supposedly, by Thursday or Friday most websites will be secure again, and it is then advised that you change all of your passwords. This means that the whole world will be changing their passwords, so I'd say be in the mood for some slowdowns on the web as well. Maybe. Maybe not.
I think it is also very advisable to change the way you create your passwords. For example, if you are someone who likes birds and you've been using this as a password: "Bluebird#14" (matching a bird name with the year). Don't change it to "Sparrow#14." Change it to something entirely different. Yes, pain in the butt, but advisable.
Comments
Best,
Bob