My Heart Bleeds…

There was a problem last week regarding a technology that secures communication on the internet. People have been asking me what the implications might be and how they can secure their data.

Short answer is, it’s always a good idea to change your passwords every few months.

Longer answer (for those who are interested). SSL is the Secure Socket Layer that encrypts communication between your computer and the website. Like talking in code and only you and your best friend have the codewords. The vulnerability allows hackers to intercept the communications with your site and steal your passwords.

Passwords are not perfect and security is an ongoing battle, however for the foreseeable future passwords are still the best option. The best advice is to use a password that is:
longer than 8 characters
A mix of upper and lowercase with numbers
i.e. 8675309Jenny is a pretty good password, and it would take a very long time for a machine or human to guess.

It’s not perfect, but it’s a good start (and better than “123456” or “password”). You can make them longer, harder, more complex, but that tends to make them harder to remember (since we’re only human).

The “BIG” sites that were affected include:
Facebook
Instagram
Linkedin
Pinterest
Tumblr
Google
Yahoo
Ebay
Flickr
Netflix
Youtube
Dropbox

To test if a certain site is still vulnerable, go here:
https://filippo.io/Heartbleed

To see a simple explanation of how this vulnerability works:
http://xkcd.com/1354/
heartbleed_explanation