Heartbleed has been all over the internet. Everyone who knows IT should have heard about it. In fact this is so serious that your grandmother should hear about it if she does online banking.
Instead of writing more on this subject, here is a collection of links on the Heartbleed story, with different focus.
One important thing though, the heartbleed bug is such that some when you login to some websites or web services, your passwords are exposed. However, if those sites have not fixed the bug, then changing your password would mean that the new passwords are also revealed.
Some write-ups on heartbleed from regular news organizations
ABC Australia - http://www.abc.net.au/worldtoday/content/2014/s3982491.htm
Forbes - http://www.forbes.com/sites/josephsteinberg/2014/04/10/massive-internet-security-vulnerability-you-are-at-risk-what-you-need-to-do/
The technical details of the Heartbleed flaw and a solution
http://www.gizmodo.com.au/2014/04/how-heartbleed-works-the-code-behind-the-internets-security-nightmare/
Don't change all your passwords
http://www.crn.com.au/News/382523,heartbleed-dont-change-all-your-passwords.aspx
10 passwords that should be changed
http://www.crn.com.au/News/382519,heartbleed-10-passwords-you-need-to-change-right-now.aspx
Extensive list of organizations on what passwords should be changed
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
Tools that test if a URL/website is affected:
http://filippo.io/Heartbleed/
Instead of going to the above website, you can type the name of the website directly into the URL box like:
http://filippo.io/Heartbleed/#<URL>
where <URL> should be replaced by the website name such as www.example.com
Instead of writing more on this subject, here is a collection of links on the Heartbleed story, with different focus.
One important thing though, the heartbleed bug is such that some when you login to some websites or web services, your passwords are exposed. However, if those sites have not fixed the bug, then changing your password would mean that the new passwords are also revealed.
Some write-ups on heartbleed from regular news organizations
ABC Australia - http://www.abc.net.au/worldtoday/content/2014/s3982491.htm
Forbes - http://www.forbes.com/sites/josephsteinberg/2014/04/10/massive-internet-security-vulnerability-you-are-at-risk-what-you-need-to-do/
The technical details of the Heartbleed flaw and a solution
http://www.gizmodo.com.au/2014/04/how-heartbleed-works-the-code-behind-the-internets-security-nightmare/
Don't change all your passwords
http://www.crn.com.au/News/382523,heartbleed-dont-change-all-your-passwords.aspx
10 passwords that should be changed
http://www.crn.com.au/News/382519,heartbleed-10-passwords-you-need-to-change-right-now.aspx
Extensive list of organizations on what passwords should be changed
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
Tools that test if a URL/website is affected:
http://filippo.io/Heartbleed/
Instead of going to the above website, you can type the name of the website directly into the URL box like:
http://filippo.io/Heartbleed/#<URL>
where <URL> should be replaced by the website name such as www.example.com
No comments:
Post a Comment