Heartbleed Rumors, Celebrity Gossip, Help


Have you noticed anything unusual about Heartbleed?

awardsHeartbleed, with its own unique logo (the outline of a red heart, dripping blood), website, flurry of rumors and paparazzi, is officially the Internet’s first mass-media darling in the “Security” category.

So whats with the branding?

Codenomicon, the security firm that discovered the OpenSSL encryption bug, moved quickly to create a webpage with information and an FAQ that Lance Ulanoff called “the clearest security information page I ever [came] across.”

Further… “By creating a Heartbleed information destination, Codenomicon spread the news more effectively than if they had run a half dozen commercials on TV.”[Read Lance’s article on Mashable here]

Here is the AcctVantage ERP run-down on what you need to know.

  1. It is not a virus; it is a bug in the code (CVE-2014-0160).
  2. It is a specific string of open source code called Open SSL (version 1.0.1) in use on some (note – some, not ‘many’, ‘most’ or ‘all’) websites between March and early April, 2014.
  3. The media claim that it affects 65% or more of all internet users is pure exaggeration.
  4. The media claim that it affected Facebook, Yahoo and other giants is true.
  5. The media claim that it affected Amazon and LinkedIn (and many other sites that do not use Open SSL) is not true.

Heartbleed had no effect on Windows Azure, Microsoft Lync, Remote Desktop, or websites hosted on Windows servers.

However, the Heartbleed bug is a force to be reckoned with. more complex than simply changing your passwords. Affected sites were forced to clean up fast and issue new certificates. That’s why you see so many of your service providers and merchants posting Heartbleed notices on their pages. It would be wise to look for these notices anywhere you will be transmitting sensitive data over the coming weeks.

Changing your password is a good idea, but make sure you do so on a site that is Heartbleed-proof. Go here first if you are concenerned: https://lastpass.com/heartbleed/ (Heartbleed Site Checker)

And send us a note! We’d especially love to hear from our online retail customers using AcctVantage – let us know how things are going for you.