Don't Let Heartbleed Cause Aches and Pains

By Peter Bernstein April 14, 2014

In the wake of the Heartbleed Bug revelation last week, there has been a blizzard of advice - myth busting articles, companies saying “Not Us!” regarding being susceptible to compromise and even a denial by the N.S.A. that it was not aware of the bug and therefore contrary to reports in Bloomberg was not exploiting it.

Watching the advice being issued has been fascinating. I for one changed all of my passwords to the popular sites I visit which were identified as open for hacking. However, many in the security business have said, “not so fast” on password changing since you really need to know if the sites visited have protection before you change your password. Obviously if they are not protected in this case your new password is still obtainable by the bad guys.

Well here is a bit of news to mend that potential bleeding heart. Security major player McAfee has released a free tool to help consumers easily gauge their susceptibility to the potentially dangerous effects of the vulnerability exposed in OpenSSL known as the Heartbleed Bug. By entering website domain names into the Heartbleed Checker tool, consumers can immediately determine if the websites they frequent have been affected by Heartbleed by checking whether or not the sites have been upgraded to the version of OpenSSL that is unsusceptible to the bug.

 “It’s important that users first check to make sure the websites they frequent are updated before changing their passwords,” said Gary Davis, vice president of consumer marketing at McAfee, part of Intel Security. “In the wake of confusing information floating around, our tool makes it easy for consumers to quickly access the information they need. Armed with this information, consumers can decide when it is time to change their passwords and regain confidence in a safe web surfing experience.”

I have downloaded the Heartbleed Checker tool, and so far so good.  You may wish to consider doing this as well, and sooner rather than later.  The Hearttbleed Bug is estimated to affect up to two-thirds of all websites. As has been noted by everyone, this is really serious stuff with sites that have not gotten the proper protection for shoring up the OpenSSL encryption software open to having a raft of personal information including usernames, passwords, credit and debit card numbers, and potentially being made available to the bad guys. 

So here is the best advice of the day according to McAfee, they suggest using the tool to determine which sites you use are affected and then change those account passwords when you are assured the affected sites are patched.

Once again here is the url for the tool, http://blogs.mcafee.com/consumer/what-is-heartbleed.  And, remember an ounce of protection really is worth a pound of cure, and that piece of mind is priceless. 




Edited by Stefania Viscusi
SHARE THIS ARTICLE
Related Articles

Bloomberg BETA: Models Are Key to Machine Intelligence

By: Paula Bernier    4/19/2018

James Cham, partner at seed fund Bloomberg BETA, was at Cisco Collaboration Summit today talking about the importance of models to the future of machi…

Read More

Get Smart About Influencer Attribution in a Blockchain World

By: Maurice Nagle    4/16/2018

The retail value chain is in for a blockchain-enabled overhaul, with smarter relationships, delivering enhanced transparency across an environment of …

Read More

Facebook Flip-Flopping on GDPR

By: Maurice Nagle    4/12/2018

With GDPR on the horizon, Zuckerberg in Congress testifying and Facebook users questioning loyalty, change is coming. What that change will look like,…

Read More

The Next Phase of Flash Storage and the Mid-Sized Business

By: Joanna Fanuko    4/11/2018

Organizations amass profuse amounts of data these days, ranging from website traffic metrics to online customer surveys. Collectively, AI, IoT and eve…

Read More

Satellite Imaging - Petabytes of Developer, Business Opportunities

By: Doug Mohney    4/11/2018

Hollywood has programmed society into believing satellite imaging as a magic, all-seeing tool, but the real trick is in analysis. Numerous firms are f…

Read More