Concerned about the Heartbleed computer vulnerability? Me too.
What Is HeartBleed?
As soon as I heard about the massive hole in Open SSL that leaves the majority of sites and blogs on the internet open to data grabs, I went to a popular computer tech site, TechCrunch, to find out what is what. The article there seems like a good overview of what is happening with the massive breach that makes, according to most reports I have read, over 60% of sites using OpenSSL protocol vulnerable to massive data breaches.
As soon as I realized this was very, very bad news. I then went to my “go to” source for blog security: Sucuri.com’s blog. I trust this company and if my site gets hacked these are the people I am going to for help.
Is My Site Infected?
Sucuri recommends going to http://filippo.io/Heartbleed/ in order to find out if the servers you are using are affected by the vulnerability.
This site then recommended Heartbleed.com as a good source of information about the Heartbleed hack.
Fixed Open SSL has been released to fix the problem, but it must be deployed. This is something done at the hosting service level so there really isn’t much an individual blogger can do beyond find out what the status of updates are on your hosting companies servers.
I can only tell you what I am doing; I cannot make recommendations for you. The old adage, “If in doubt, don’t.” seems like the most prudent course of action.
I will continue working on my sites as long as my host’s server comes up clean per testing on Filippo. I probably won’t visit too many other sites and I definitely will not use any financial or sites that have my private health information on them for a few days, or until I find out more about how the Apache and perhaps other types of servers are compromised and whether accessing my accounts makes my data more vulnerable. I do not think it does. But, better safe than sorry. I’m banking in person and making any health copays in cash. I’m also going to purchase groceries with cash. I probably will not shop for anything else for a few days.
I will try to update this post when everything seems okay. It could be a while.
xposted: N F Hill’s personal blog.