Every normal man must be tempted, at times, to spit on his hands, hoist the black flag, and begin slitting throats. –H.L. Mencken

My Heart Bleeds For You

heartbleedThis week’s post will be a little shorter than usual as I’m a bit swamped by work this week.  Besides, you should be out checking yourselves for vulnerability to Heartbleed and patching accordingly, not reading this crappy blog.

I’ll be back next week with a more detailed analysis of the vulnerability and some more detailed thoughts on it and on the bigger implications.

For now, here are the top three things you need to do, in order:

  • Enable certificate revocation checking in Chrome. (Not on by default, thanks Google.)

  • If you operate any secure web servers, check them for vulnerability and patch OpenSSL if necessary.  If you don’t know how to do this, then you shouldn’t be operating a web server.  If you use SaaS (Software as a Service) that hasn’t patched yet, then you are at the service provider’s mercy.
  • Change every online password you have, but only after each website has been verified as patched.


If you want to read more, try this:

Now get to work.

Give Us Some Curmudgeonly Wisdom...

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


This entry was posted on April 10, 2014 by in CIA/NSA, NSA, Subliminal Messages, The Internet Strikes Back.

Social Media

%d bloggers like this: