Gigaisland - The Friendlier Side of Computer Services
Follow Us
  • Home
  • Why Gigaisland?
  • About Us
    • Our Company
    • Our Core Values
    • Customer Satisfaction
    • About Laine
    • Partners
  • Services
    • CyberSecurity Checkup
    • Computing Infrastructure
    • Security
    • Backup
    • Maintenance
    • Virus Service >
      • Virus Tips
      • Virus Software
    • Google Apps >
      • Apps
      • Features
      • How To
    • Email Security
    • Email Archiving >
      • Google Apps Vault
    • Virtualization
    • Research
    • Corporate Services
    • Home Services
  • Testimonials
  • Contact Us
    • Newsletter Signup
  • Remote Support

Gigaisland Security Bulletin: Your Passwords Could Be Compromised

4/9/2014

0 Comments

 
Aloha Everyone!  You may have seen this article on the Star Advertiser page this morning describing that there is a massive security bug that leaves your passwords vulnerable.  

In a nutshell if a company uses a technology called OpenSSL to secure it's website with HTTPS then your passwords & credit card numbers could be at risk.  

The security bug is called Heartbleed.  Right now companies such as Google, Microsoft, Twitter, Facebook, and Dropbox seem unaffected.  If you want to check if your bank or company is effected then you can use this free tool.  

When you go to the website with the free tool it will show a box that says Heartbleed test, like the picture below.  From there just type in the website you want to check on such as Facebook.com and press the green button "Go!".  It will return a result that says it is "all good" or "vulnerable".

Picture
If it does come up as vulnerable we would recommend that you change your password.  If you use that same password for other websites we would recommend you change your password as well.  

Yahoo was recently discovered to have this vulnerability so passwords and information was being compromised.  We have gotten calls in the last few weeks of folks using Yahoo and having their accounts compromised.  Yahoo said that they have patched up the vulnerability.  

A security firm called Codenomicon, which along with Google researcher Neel Mehta discovered the problem.

"This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users, and the actual content," Codenomicon said. "This allows attackers to eavesdrop communications, steal data directly from the services and users, and to impersonate services and users."


If you are using Lastpass to keep your passwords safe then we are safe, as their spokesman Joe Siegrist said the following, "LastPass is quite unique in that nearly all your data is also encrypted with a key that LastPass servers never get -- so this bug could not have exposed customer's encrypted data," Siegrist added.


I wanted to update folks on this so you can make sure you're a ok.  Have a great day and Aloha!
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    We Love to Help

    This tech blog filled with Aloha is here to help everyone on their journey with computer technology.  

    RSS Feed

    Categories

    All
    Apple
    Hardware Review
    How To
    Microsoft
    Security
    Software Review
    Tech Class
    Tech Tips

    Archives

    July 2017
    November 2014
    October 2014
    September 2014
    May 2014
    April 2014
    October 2013
    August 2013
    July 2013
    August 2012
    March 2011
    February 2011
    January 2011
    December 2010
    November 2010
    August 2010
    June 2010
    March 2010

 Sunny Hawaii   |   808.673.4747   |   info@gigaisland.com