Happy Tax Day! Happy Blood Moon! Happy Google Glass Day!
Last week was a productive one as I was in Vegas for NAB. I learned a lot about broadcasting practices along with hardware and software that can improve even my systems. I got some great videos regarding items for podcasters. I even went out and bought a new item – the Tascam DR-60D – for my camera rig.
This week is all about video creation and posting. A few videos have been put up on Geekazine, including the Livestream app for Glass.
Lots of products to review in the bin. Dyson, Verizon, and more. We have a winner for the AMD R7 250 video card – Mike Rodriguez. Congrats and thanks to all who participated! Another contest is in the works.
Geek Smack Sponsor board!Make a conscious effort to back up your data this holiday season. Get a 15 day free trial of Carbonite online backup to see how you can save your data from disaster.
Sponsored by: Dropcam.com watch life High-Def streaming of your home or anywhere - Get a DROPCAM NOW! < br/> Get a Roku - Prices start at $49
Gear I use: Check out B&H Audio and Video
Check out the Geekazine Store
Hotline – 608-205-4378 – geekazine (at) gmail.com
Subscribe to the podcast via: iTunes – Stitcher - YouTube
You can catch me on Twitter @geekazine – Facebook Group – About.Me
Other shows: Day in Tech History – Geekazine Special Media Feed – iPad365 - This Week in Google Glass
Geek Smack: Learning from the Heartbleed Bug
Last week we found out about a major problem in OpenSSL technology which hackers could find and exploit. But guess what – people knew about it way before that. So here is what transpired in the last week.
Lets start with the What: The Heartbleed bug was announced last week as a major vulnerability where passwords had to be changed on many major websites using the OpenSSL software.
What happens – in Secure Socket Layer (SSL), the computer needs to encrypt and decrypt user data. That memory area apparently was filled with unprotected information. A hacker that accessed a data server could obtain the unencrypted data within the data’s memory.
Most of the time this was a password and username data but in some cases also included credit card information.
The bug was first discovered by security firm Codenomicon – along with Google researcher Neel Mehta. The name was coined because SSL technology is called “Heartbeat”.
There are many sites that were not affected. These are sites that do not use OpenSSL. Still, a lot of major websites did use OpenSSL. This included: Facebook, Instagram, Pinterest, Tumblr, Google, Yahoo, Etsy, GoDaddy, Minecraft, Flickr, Netflix, Soundcloud, YouTube,Box, Dropbox, Github, and more.
Most have already checked their records and patched their systems. They are suggesting you change your passwords to pretty much all of these systems.
Keep in mind for someone to get your password it had to pass-through the encryption/decryption process of OpenSSL. If you haven’t logged into the system, your password would not be in there. Nonetheless, its still better to be safe than sorry.
There has been a big question of whether passwords are the best way to log in. A lot of websites have switched to two-factor authentication – although both parts would have passed through this bug.
As for the timeframe – did we know about the bug before it was announced? Before Codenomicon found it? One report said the NSA knew about the bug, another said no. Some have speculated this bug has been going on for years.
So it could mean your information is still on a list and hasn’t been touched yet. However, now that people know they need to change passwords, your information may be surfacing to the top of the list.
This is why it is important to change your passwords. NOW. Remember – Two words together, capitol and lowercase letters with a number either at the end or within the password and a special character within