Saturday, April 12, 2014

What is and what to do about Heartbleed

Heartbleed has been all over the internet. Everyone who knows IT should have heard about it. In fact this is so serious that your grandmother should hear about it if she does online banking.

Instead of writing more on this subject, here is a collection of links on the Heartbleed story, with different focus.

One important thing though, the heartbleed bug is such that some when you login to some websites or web services, your passwords are exposed. However, if those sites have not fixed the bug, then changing your password would mean that the new passwords are also revealed.


Some write-ups on heartbleed from regular news organizations
ABC Australia - http://www.abc.net.au/worldtoday/content/2014/s3982491.htm
Forbes - http://www.forbes.com/sites/josephsteinberg/2014/04/10/massive-internet-security-vulnerability-you-are-at-risk-what-you-need-to-do/


The technical details of the Heartbleed flaw and a solution
http://www.gizmodo.com.au/2014/04/how-heartbleed-works-the-code-behind-the-internets-security-nightmare/

Don't change all your passwords
http://www.crn.com.au/News/382523,heartbleed-dont-change-all-your-passwords.aspx

10 passwords that should be changed
http://www.crn.com.au/News/382519,heartbleed-10-passwords-you-need-to-change-right-now.aspx

Extensive list of organizations on what passwords should be changed
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/


Tools that test if a URL/website is affected:
http://filippo.io/Heartbleed/

Instead of going to the above website, you can type the name of the website directly into the URL box like:
      http://filippo.io/Heartbleed/#<URL>
where <URL> should be replaced by the website name such as www.example.com


Sunday, April 06, 2014

How to use hotel wifi safely


The links below are to a few articles about how to use FREE hotel wifi safely. In summary:
1. There is no real safe way to use hotel wifi - Be Warned
2. Using the hotel LAN (not wifi) is even worse
3. Using VPN provides a layer of protection since it hides the data transmitted from your device to the internet. However it still doesn't prevent a trojan from being planted on your system and accessing your file system.


http://us.norton.com/yoursecurityresource/detail.jsp?aid=free_wifi


http://traveltips.usatoday.com/safely-use-wireless-internet-hotels-2970.html


http://www.wikihow.com/Stay-Safe-While-Using-Hotel-WiFi


http://blog.hotspotshield.com/2013/06/17/hotel-wifi-security/


http://forums.cnet.com/7723-6132_102-565662/how-can-i-use-free-wifi-in-hotel-safely/