How to Protect Yourself From the 'Heartbleed' Bug

Recently, a major security vulnerability named "Heartbleed" has made headlines around the world.  This is a severe vulnerability stemming from a coding mistake in a widely-used security utility called OpenSSL.  The bug affects the encryption technology designed to protect your sensitive data on the Internet, like usernames, passwords and emails (oh my!).

 (Original, unaltered version of this image via Mashable)

Why is this a big deal?

The Heartbleed bug allows potential attackers to sidestep the cryptographic security that normally protects Web communications on sites that use an open-source version called OpenSSL. In essence, the bug allowed attackers to grab random bits of information from Web servers --- information that could include usernames and passwords, the cryptographic "keys" that shield traffic from prying eyes, or even the coded "certificates" that websites use to verify that they are who they say they are. In the worst case, exposure of that information could allow attackers to read all traffic to and from a given site, or even to impersonate the site itself!

Since the flaw is in the OpenSSL encryption code, it's not actually a virus.  But because this vulnerability takes advantage of servers as opposed to devices like a virus does, the best plan for businesses is to update to the latest version of OpenSSL to address the dangers posed.

The severity of the Heartbleed vulnerability cannot be overstated --- this is a big deal.  Several major enterprises (Facebook, Twitter, Pinterest...just to name a few) use OpenSSL and are likely affected by this vulnerability as well. The dangers posed by this vulnerability are very real and could affect you if exploited.  Things that you stored on these supposed 'secure servers' can potentially accessed until this bleed is fixed.  That means passwords, credit card info., personal information, etc.  Studies show that over a half million widely trusted websites have the potential to be affected.

What do I do to fix it?
  • Mashable has created a Heartbleed Hit List on potential pages that you might need to update your security & passwords on.  This list is frequently updated & can tell you which websites are vulnerable and which have been patched.  c|net also has a comprehensive list of the websites that have been patched.  Once a site is no longer vulnerable, it's time to change your password.  You can also use this tool or this tool to help you identify is a site you visit regularly has been affected.
  • The obvious thing to to is change your password.  However, you should only change your password after the afflicted business has fixed its servers & removed the Heartbleed vulnerability.  (Changing your password on a particular site only gives you more protection if that site has already applied to the Heartbleed patch and resolved its vulnerability. If it hasn’t, changing your password in advance could theoretically put you at greater risk. Heartbleed is a vulnerability in a server's memory (RAM), not its data storage, so a hacker has access to things that are being called up by the server not everything that's stored on it. That means that the hacker could ascertain your new password, too.)
  • You could start using a password manager.  You have to decide for yourself if it's worth it, though.  You don't need to remember your passwords, because they're all stored and protected behind one master password that you need to make extremely unguessable.  A warning, though; setup is quite tedious.  Oh, and if you're using someone else's computer, you have to use a an app to check your password for any site/service you want to log into.  Having a password manager isn't a fun time, but protecting yourself from much more annoying, potentially detrimental, problems down the line if your personal information gets hijacked may make it worth the trouble.  Some sites for password management are KeePass, LastPass1Password, Roboform, Dashlane, SplashID & mSecure.


Happy hopping everyone! Thanks for joining us again for That Friday Blog Hop which goes live every Thursday evening at 8pm EST. So join us each week & link up your blogs, social media outlets, or anything you'd love to share. 

Link up and enter to win a super cute bracelet from Jayla Jolie Jewelry, this would be a great gift for a little princesses Easter basket!

Jayla Jolie Jewelry is an Etsy shop owed by one of your host Ce Ce.

The Bracelet: 

Glass Pearl Personalized Crystal Bracelet (little girls)

 Sizes can be custom made from 4.75 to 6.00 inches.

Personalize the bracelet with any name you want!

This giveaway is open to U.S. Residents only.

The Rules: Must be 18 years of age or older to enter. Giveaway is open to US Residents only and will end on 4/14/14 11:59 PM.1 winners will be chosen at random using on 4/15/14 and will be contacted via email. Winner will have 24 hours to respond before a new winner is chosen. A Chicago Mom or Jayla Jolie Jewelry is not responsible for any lost or stolen prizes. Void where prohibited.

That Friday Blog Hop: Join Us Every Thursday Evening

While there are no rules, we would love it if you would :::
- Stop by the hosts & co-hosts blog and follow along
- Say hi to new bloggers and leave a wonderful comment
- Grab the button and/or tweet about the blog hop as well
- Come back every Thursday evening to join in the party
- If you are interested in being a co-host for an upcoming week, send an email here
That Friday Blog Hop

Buy One Get One Free @ JustFab!

I loves me some shoes.  I loves me some shoes even more when they're on sale.  Especially if I get one free!  Well, believe you me, I'm headed to JustFab to get some cute Spring/Summer shoes.  It's all buy one get one free!  Sandals, wedges, flats...even boots, booties & pumps!  Oh, I've died and gone to shoe heaven!  Click the pic below to get shopping!

Song Crack

There are songs that I can't get enough of.  Songs I could listen to over and over and over (and so on) without ever getting burned out.  The songs that you won't hear on the radio because they've been out for a long time.  Songs that a lot of people may not know or, adversely, think you're nuts for loving.

Annie Lennox - No More I Love You's
This is my weirdo song.  It's exceptionally weird/strange, and believe, me the video is stranger....but it's great for having one of those emotional hand-flinging Mariah Carey moments when you're trying to sing along.  (Nicki Minaj sampled this song for her song "Your Love".  She understands weird.)

Paula Abdul - Promise Of A New Day
I still remember being a kid and 'choreographing' dances to this song in the play room.  It's definitely on my iTunes & I'm not ashamed to admit it!

Dave Matthews Band - The Last Stop (Live In Chicago Version)
Completely different from the album version, this song is incredible!  Not only can you tell that the band loves playing this song but that Dave loves singing it.  It's beautiful.

No Doubt - New
This song makes my heart race.  I feel like I'm in the middle of an epic event that I don't want to end.  This feeling has got to stay.

Save Ferris - Come On Eileen
If this song doesn't make you want to be a mid-nineties Ska singer, then there's no hope for you.  I belt this mother out in the car, making my "big voice face" and everything.

Fleetwod Mac - Rhiannon
This song reminds me of a rainy day.  It's so mellow and haunting.  One of the best Fleetwood Mac songs in my opinion. 

Boyz II Men - On Bended Knee
If this song doesn't make you want to close your eyes & ball your fists up close to your chest while belting the woulds out intensely as possible, then there's something wrong with you.

Before I get carried away, I should probably cut myself off!  This is should probably be one of those "to be continued posts", otherwise we'll be here all day! 

What are YOUR "song crack" songs?

No need to put on a show.

I find it funny that people are shocked, shocked I tell you(!), that I am a wee bit over 30 and *gasp* not married.

I can say with all honestly that I am completely happy with that.  I look at the photos of my friends who post pictures of their insanely cute babies and I think about what it would be like to have one.  Then the reality reminder sets in where I realize that I can still sleep late, stay out late, go where I want to and even have a mimosa with breakfast & nobody can tell me otherwise.

I refuse to spend my life obsessing about not having what I think I should have.   I refuse to do something based on what others think is the "right thing to do".  By (this time) in your life, you should be married with two kids and own your own house and blah blah blah...
I don't fit into that mold. 
Right now, that is not my definition of happiness. 

There's no reason for me to be unhappy with the point I'm at in my life.  My life may not be like yours, or yours, or yours, but please remember that we are all vastly different people, each unique in some way.  Why should we be forced to conform to something because "it's just what people do"?

Love who you are now.  Have your dreams and wishes.  Just don't miss out on all the goodness in the present for your life of the future.


Related Posts Plugin for WordPress, Blogger...