Don't Let Heartbleed Cause Aches and Pains


In the wake of the Heartbleed Bug revelation last week, there has been a blizzard of advice - myth busting articles, companies saying “Not Us!” regarding being susceptible to compromise and even a denial by the N.S.A. that it was not aware of the bug and therefore contrary to reports in Bloomberg was not exploiting it.

Watching the advice being issued has been fascinating. I for one changed all of my passwords to the popular sites I visit which were identified as open for hacking. However, many in the security business have said, “not so fast” on password changing since you really need to know if the sites visited have protection before you change your password. Obviously if they are not protected in this case your new password is still obtainable by the bad guys.

Well here is a bit of news to mend that potential bleeding heart. Security major player McAfee has released a free tool to help consumers easily gauge their susceptibility to the potentially dangerous effects of the vulnerability exposed in OpenSSL known as the Heartbleed Bug. By entering website domain names into the Heartbleed Checker tool, consumers can immediately determine if the websites they frequent have been affected by Heartbleed by checking whether or not the sites have been upgraded to the version of OpenSSL that is unsusceptible to the bug.

 “It’s important that users first check to make sure the websites they frequent are updated before changing their passwords,” said Gary Davis, vice president of consumer marketing at McAfee, part of Intel Security. “In the wake of confusing information floating around, our tool makes it easy for consumers to quickly access the information they need. Armed with this information, consumers can decide when it is time to change their passwords and regain confidence in a safe web surfing experience.”

I have downloaded the Heartbleed Checker tool, and so far so good.  You may wish to consider doing this as well, and sooner rather than later.  The Hearttbleed Bug is estimated to affect up to two-thirds of all websites. As has been noted by everyone, this is really serious stuff with sites that have not gotten the proper protection for shoring up the OpenSSL encryption software open to having a raft of personal information including usernames, passwords, credit and debit card numbers, and potentially being made available to the bad guys. 

So here is the best advice of the day according to McAfee, they suggest using the tool to determine which sites you use are affected and then change those account passwords when you are assured the affected sites are patched.

Once again here is the url for the tool,  And, remember an ounce of protection really is worth a pound of cure, and that piece of mind is priceless. 

Edited by Stefania Viscusi
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More