The Huffington Post | by Betsy Isaacson
Posted: 04/08/2014 5:08
=========================================
As much as 66
percent of the Web may have been compromised by a newly revealed
security flaw called Heartbleed.
So named by the researchers who discovered it, Heartbleed
is a bug that affects an important Internet security protocol called SSL.
Specifically, it affects one particular implementation of SSL called OpenSSL.
For context (and to understand how bad Heartbleed is),
here's how SSL and OpenSSL work: Every time you log into a website, your login
credentials are sent to that website's server. But in most cases those
credentials aren't simply sent to the server in plain text -- they're encrypted
using a protocol called Secure Sockets Layer, or
SSL.
As with most protocols, different software makers have
created different implementations of SSL. One of the most popular is an
open-source implementation called OpenSSL, used by an estimated two thirds of currently active websites.
Heartbleed is a bug in OpenSSL. Hackers can exploit
Heartbleed to get raw text from
emails, instant messages, passwords, even business documents --
anything a user sends to a vulnerable site's server.
And the scariest part? The Heartbleed security flaw
existed for nearly two years
before it was discovered by legitimate researchers. That's plenty of time for
black-hat hackers to have discovered and exploited the bug.
So what can users do? Matthew Prince, CEO of content
delivery network Cloudflare, one of the first businesses to be notified of the
bug, told The Huffington Post that sadly, there's not much normal netizens can
do to protect themselves. "When you finish using a website, make sure to
actively log out," Prince advised -- that makes it less likely that a
hacker exploiting Heartbleed will be able to take your personal information.
Prince also put in a word of comfort: "Heartbleed is
so serious -- it's such a big, bad event -- that almost every major service is
scrambling to clean it up as quickly as possible." He estimated that most
currently vulnerable websites will be "patched" by the end of the
week.
Though a number of major websites have already been
patched, others, including OKCupid, Flickr, Imagur and Yahoo.com, reportedly
remain vulnerable to Heartbleed.
Users can test
if their favorite websites are vulnerable here, though this service
is reportedly not 100 percent reliable. Vulnerable sites should not be
logged into until they're patched -- check those sites' blogs or Twitter feeds
for updates -- and once a website has its patch in place, you should change
your password for that site as soon as possible.
==============================
===========================================
In addition to this blog, I have authored the premiere book on Netiquette, " Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ Rider University and PSG of Mercer County, NJ.
Great Reasons for Purchasing Netiquette IQ
· Get more email opens. Improve 100% or more.
· Receive more responses, interviews, appointments, prospects and sales.
· Be better understood.
· Eliminate indecision.
· Avoid being spammed 100% or more.
· Have recipient finish reading your email content.
· Save time by reducing questions.
· Increase your level of clarity.
· Improve you time management with your email.
· Have quick access to a wealth of relevant email information.
Enjoy most of what you need for email in a single book.===========================================
In addition to this blog, I have authored the premiere book on Netiquette, " Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ Rider University and PSG of Mercer County, NJ.
No comments:
Post a Comment