The Bad News of HeartBleed

The news of a bug in one of the Internet’s most widely used security measures has been making it’s way through the digital consciousness. “HeartBleed,” as it has come to be known, is a bug (NOT an attack or malicious software) that leaves a virtual chink in the armor of OpenSSL, which is a software that encrypts communication to and from web servers. This includes things like Google Search and Gmail (which have been patched). This is unique from other recent threats because it is an error in the underlying software that runs a server, not the programming that runs a website, or a vulnerability on a user computer.

To ease your mind, BooksAndWhatnot.com uses a different software than the one affected. Our site is safe to use and poses no threat. For your own website, it’s a good idea to contact your web hosting service provider(s).  Make sure they have a plan, and you know the timeline of implementation. You can check your own site against Heartbleed with this tool.  For your user accounts with other services, check with each service. We, as a company and individually, have received emails from many providers letting us know when it is safe to update passwords.

Now that you’re changing login information, this is the best time to implement password security policy and to begin using a password manager. I personally use 1password on both my laptop and  iOS devices.

Kenton Hansen

Technical Co-Founder Kenton makes digital things. He is a technologist and has had his part in a few startups including software, advertising, and client services. @KentonH