Month: April 2014

Speaking of my favorite password tool, LastPass, the LastPass company announced a new feature in their blog on April 9th.

This new feature arose in the wake of all the publicity around the HeartBleed exploit that I mentioned in an earlier post, and addresses the HeartBleed exploit specifically. Now the LastPass security check can be run from the LastPass icon menu, and it will run the security check and give you recommendations as to whether you should immediately change your password on a given website.

Essentially, it is checking for the use of OpenSSL, and then directing you to change the password for that site. One feature I like about LastPass is its ability to choose a random password that is very complex, enter it into the field for the password change, and then “remember” that password in your LastPass database.

This is a very neat way of checking websites and changing your password to a strong, difficult to guess, password, thus adding greater security to your web surfing habit!

Google is selling Google Glass to anyone in the United States on April 15, but only for a limited time. This is a change from those beta users that essentially had to qualify for the right to spin their $1500 to be part of the beta program!

Now, even if you don’t have a Google Glass Explorer invitation, you can get your hands on Google’s wearable computer. You still need to go to a special website and sign up, again, for the right to spin your $1500 to purchase Google Glass. And, in the interest of helping the economy, here’s a link to that website.

Now, I’m not sure how many of you have $1500 lying around that you can use for an impulse buy! If so, I’d be glad if you send some my way! I can think of some cool tech toys that I’d like to get my hands on. I’m not sure Google Glass would be among them, but that’s just me!

The big news this week in the tech world is the HeartBleed exploit. OpenSSL is used by many websites to secure their web traffic. Secure socket layers (SSL) provides encryption for websites to encrypt and protect the flow of data.

However, Open Source is “taking it on the chin” from a lot of corners that were already opposed to Open Source in the first place. The accusation is that because OpenSSL is an Open Source project, and that so many people have eyes on the source code, that that is allowing exploits to be developed. In fact, the opposite is actually true! The more eyes that are on the source code, the easier it is to find holes and patch them. However, as my colleague at work, that I’ve chosen to call “JoeBob Not-his-real-name,” says: “Anything created by man is inherently flawed.”

The HeartBleed bug, known by the rather difficult to say name, CVE-2014-0160, has been spreading out on the Internet for the last two years, and there’s even some speculation that the NSA has been exploiting the bug for some time to gather information from websites.

Whether this is true or not, it is true that this exploit provides a hacker access to be able to read usernames and passwords from anyone that uses the websites that are using OpenSSL.

This is a HUGE problem, and for this reason, you need to change your passwords immediately on all sites that use OpenSSL, among those are: Facebook, Gmail, and Twitter.

So, get out there and change those passwords! And, Oh, by the way, you should be using something like LastPass to provide very secure passwords for all of your websites, which you can then access by a single password into your LastPass account!

Sorry guys! Two big problems… first, a bad cold, stopped up, feelin’ yukky, plus, I worked all weekend on two things: 1) the TV Studio hardware I showed you on the show last week, and 2) three big software upgrades at work! Wow! What a weekend! LOT’S of stuff happening… we will be on schedule for this coming weekend!