Seems like everybody and his uncle is informed about the Heartbleed bug that’s making its way around the internet. Some sources have said that as many as 2/3 of all websites have been hit in one way or another. In fact, according to some sources, it has affected servers, routers, switches, phones and even video cameras. (See…
http://money.cnn.com/2014/04/11/technology/security/heartbleed-gear/
for example.) “The biggest exploit of the past 12 years,” said one source at Singlehop.
If you’re like I am, you have passwords at scores… maybe HUNDREDS of sites. Are we supposed to go through each credential and change every single password? Even if we do, is that enough… because couldn’t Heartbleed have already stolen enough from us to do damage well into the future? Not a fun scenario to contemplate. Do you have any insider info that might help the Brigada audience manage the Heartbleed bug… or have you found a resource that will? If so, please click “Comment” after the web version of this item and share the knowledge. Two-thirds of us will likely sleep better, but ALL of us will be thankful you took time to respond.
This is a pretty big issue, I am not sure why there are not other comments. I am not an expert but you can start your exploration of this internet safety issue here: http://mashable.com/2014/04/09/heartbleed-what-to-do/
A good place to check to see if a domain is vunerable, has been vunerable, or is not vunerable is https://lastpass.com/heartbleed/.
Here’s some helpful links to:
1. See a list of the top 1000 web sites that were vulnerable to HeartBleed:
http://bit.ly/1nmOrNK
2. To see if YOUR site, or one you frequent is vulnerable:
https://filippo.io/Heartbleed/
http://www.makeuseof.com/tag/heartbleed-can-stay-safe/ is a good discussion with links to lists of where you need to change passwords.
For me, I’m all the more thankful for LifeLock. It’s not cheap but then having to go it alone to correct accounts is no fun and VERY time consuming.
Changing “all” your passwords takes a few hours, but it is not the overwhelming job that it sometimes appears. Chances are about 95% of your web-sites are completely unimportant. I just changed all my passwords of import this afternoon – anything financial (banking, investments, etc.), anything with data (email accounts, dropbox, evernote), and then a couple work-related sites that are security-intensive. Everything else is … fluff that just doesn’t matter if someone breaks in! (And, of course, if it doesn’t matter then probably nobody will take the effort to break in in the first place… If they do, so what?)