Heartbleed Concerns

It’s sad to do my 1,001st article on a thing that shouldn’t be happening in a rational society, where everyone obeys the law.  Unfortunately, the Real World isn’t that rational.  If you aren’t sick about reading about the Heartbleed flaw in OpenSSL, keep going here, because this brief piece on Around the Grid concerns you.  If you are sick of reading about it, keep reading anyway; you probably have at least one account affected by the crisis.

Mashable has run a recent article on Heartbleed, and it identifies a number of sites that were running the flawed version of OpenSSL, which could render your passwords and personal data vulnerable.  This is really vital reading to everyone!!!  Most of us have a Facebook account; many of us use some service offered by Yahoo or Google, run a Tumblr blog, or do a mess of pinning on Pinterest.  And other services may be affected as well.  The Mashable article has a substantial list of businesses and whether or not they admit they were running a site with the bug.  Every one that you have an account on which is marked with a green check mark, get yourself there soon and change your password.  And make it a good one as well; there are references available to teach you how to construct memorable, reasonably safe passwords — longish phrases with a mix of cases, numbers and punctuation are excellent in my experience.  Record your new passwords in several different places that you can access easily to update them when needed — and then change them on a periodic basis, whether there’s a security crisis or not going on.  It’s just safer that way.  (I keep two separate password vaults:  one on my desktop and one on my phone.  Both are password locked themselves, and are mostly mirrors of each other.)

As for Second Life, it didn’t make the Mashable list, but I don’t know if anyone has checked with Linden Lab.  I’m taking no chances, and changing my password again with them in a few minutes as part of my overall upgrade to my security.  I’d encourage you to do the same, just as a reasoned precaution; I think the account servers can handle the strain.  I also have accounts on Flickr, Google and Tumblr, and I’ve changed the passwords there as well.  Other services I’m doing just as a precaution; I’ll probably throw in my financial accounts within 24 hours, just to really be on the safe side, although every bank claims to be safe.

Call it raving paranoia, if you wish.  I call it constructive paranoia at the worst, and sound precaution at the least.  Change your passwords!

signature 3

%d bloggers like this: