Need help? Call! (212) 682-6878 or (718) 459-9477
Heartbleed

At this point we’ve all been hearing too much about this new Heartbleed Open SSL’s encryption flaw.

To be honest, the more I heard about it, the harder it became to understand what it means and most of all, how do I protect myself???

First of all lets set it straight. “Heartbleed is an encryption flaw which affects Open SSL’s 1.0.1 and the 1.0.2-beta release, 1.01 which is used widely across the web and in a number of popular web services. The flaw can theoretically be used to view apparently-secure communication across HTTPS, usually denoted by a small closed padlock in a browser’s address bar.

The data potentially at risk includes everything from passwords and encryption keys to financial details and personal identifiable information — allowing a hacker to dip in, swipe data, and leave no trace of their existence.”

After a few days of the world going crazy over Heartbleed, we get to a point where, if your favorite websites, bank, online merchant, etc., haven’t yet fixed the problem. Then you should kiss them goodbye and walk away.

On the other hand, even if they did fix it and made an effort to keep your personal information protected, there’re definitely some steps on your end that you shouldn’t avoid.

  • Change all your passwords! I know it does sound like a hassle, and it probably is, given the amount of online shopping we are used to do these days.
    Even if the websites are already fixed, go ahead and change your passwords anyways! I say this because these sites were vulnerable at some point. That means your private information was already compromised.
  • If your favorite sites or services support two-factor authentication, use it. Everybody understands it’s usually a lot more trouble to set up than a simple password. But if this had taught us a lesson, is that extra security measures are worth it!
  • You should also clear all your Web browsers’ cache, cookies, and history. That’s never a bad idea anyway. You don’t want old memorized passwords walking into trouble at an untrustworthy site.
  • And last but not least. Check your bank and credit-card statements very carefully. If you’ve been compromised, chances are all too good that you’ll find out by finding suspicious charges on your credit cards.

After you’ve done all this, you should be no longer vulnerable to Heartbleed’s nightmare. But beware; no solution is easy when it comes to this one. So if you start getting emails or calls offering to fix the problem, don’t buy it! It will probably be a scam…

If you need help, we’ll be happy to assist you. Otherwise, Good Luck!