Heartbleed Bug

HeartbleedWe would like to assure you that Techcycled’s shop is secure against the Heartbleed bug.

In addition, for your reference I have created a guide to help you learn about and protect yourself from this serious vulnerability.

Heartbleed Bug Guide

The Heartbleed bug is a serious vulnerability in the popular OpenSSL cryptographic software library, which is used by roughly 2/3 of websites on the internet. The bug was introduced in a version released on 2012-03-14 and a fix was released on 2014-04-07 — over two years of potential vulnerability.

There are many major websites that are or have been vulnerable. I personally had my credit card information stolen a few days before news of the Heartbleed bug broke in the mainstream media, so I urge everyone to take this issue seriously and take measures to protect your information. Below you will find a collection of information and resources that will help you secure your data.

Short version:
* Determine the vulnerability of your major and sensitive accounts, such as email, banking, and social media (see resources below)
* Ensure the site has already fixed the bug (if not, let them know!)
* Change your password following best practices
* Monitor your credit card and bank accounts closely for unauthorized activity

Major websites and their Heartbleed status: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Web browser extensions that check the vulnerability of each site you visit and warn you of potential security risks:
Foxbleed for Firefox
Chromebleed for Chrome

Tools that will check a specific website:
https://lastpass.com/heartbleed/
http://filippo.io/Heartbleed/

Reference:
http://heartbleed.com/
http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html
http://www.shopify.com/blog/13569149-what-is-heartbleed-and-how-does-it-affect-your-ecommerce-website#axzz2yhlAJMaQ
http://mashable.com/2014/04/09/heartbleed-what-to-do/
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Final note: I use the free browser-based password manager LastPass and highly recommend it. LastPass has been invaluable in my efforts to secure vulnerable accounts.

Leave a Reply