I changed all my passwords after Heartbleed hit. A couple times. A part of my personal online security policy is to use a password generation and storage app. I use LastPass as it keeps my passwords varied and strong. The majority of web users…not so much. The most common passwords are still:
Read More »HeartBleed Changed Passwords: Change Your Online Security Policy
News organizations reporting on it, a fancy looking website (ok, not as pretty as Heartbleed), a sexy logo, and blog posts a plenty saying that the online sky is falling is having many thinking that the OpenID and OAuth flaws, known as Covert Redirect, are the new HeartBleed.
Where Heartbleed was a genuine security flaw that jeopardized the personal information of approximately everyone who goes online, the Covert Redirect flaw is one that has been known about and dealt with already.
Read More »Covert Redirect: Definitely NOT The New Heartbleed
The Heartbleed bug absolutely put the internet security world in its ear. To quote internet security expert Bruce Schneier on the Heartbleed bug:
‘Catastrophic’ is the right word. On the scale of 1 to 10, this is an 11.”
That’s right, the Heartbleed bug went Spinal Tap. Is that too dated a reference?