Apple got good news from New York courts Monday, faced Congress on Tuesday, got widespread tech support Wednesday. Then there's the #cyperpathogen.
There are only two things you need to know about the gmail mess from Wednesday:
- It was not a hack of 5 million gmail accounts.
- Use Google to check the integrity of your account, not a third party site like isLeaked.com.
UPDATED: By now, you should have heard about the Heartbleed bug that decimated encryption for web servers that were using a version of OpenSSL dated December 31, 2011 or later. The latest news on this ongoing story is on my Storify. What to do? Change your passwords on accounts where you would be upset if someone were to steal into a digital trove of personal information -- like credit card numbers, for example. Generally speaking, if you change your passwords before a site implements a patch, you'll need to change it again afterwards. Tumblr, for example, advised its members to change passwords after it installed the patch. Ditto LastPass, which explained its encryption scheme, one that includes something called perfect forward secrecy. Check to see if the site has already taken the first step towards correction. And be prepared to change those passwords again after web site admins have completed all steps necessary to plug the hole.…continue reading →