Wednesday, April 9, 2014

This bug makes your Heart Bleed

If you watched the Morning 'News' and immediately changed all your passwords because the totally trustworthy news reader told you to, you completely wasted your time. It's like Iraqi WMDs, they are just reading a made up script for $10m a year, they aren't journalists.

The problem known as the Heart Bleed Bug isn't on your end of the supposedly secure connection. The one denoted by that very reassuring padlock at the beginning of the browser address you're connected to. It's at the website and until they fix their software, changing your password won't help.

It's entirely possible that this is really a 'back door' that the NSA created to snoop in computers remotely, because in order to exploit it you'd need to be able to intercept the communications, and that's something they do big time. They can use it to send a false signal to your computer and capture everything that's in your computer's buffer in a couple of nano-seconds. All your best porn is now available to every NSA contractor, along with all your passwords, address contracts, anything and everything. But now that the software is readily available on the internet to do this exploitation in an entrepreneurial way, the internet is abuzz with the need to fix it.

Unless a 'secure' website that you use has told you to change your password, you're just wasting your time, the NSA (or hacker next door) will just capture the new one. If you already changed yours, you'll need to do it again in a couple of days. Tip: you should use unique passwords for stuff that really matters, but you can use one password for all the so-so stuff. Using your kids names is generally frowned upon, but adding some unique characters and numbers embedded inside them will make them just as un-crackable as any random sequence and you don't need to write them down.