Hasta La Gadget!

The Heartbleed bug has making a lot of waves recently and for those unfamiliar, it’s a vulnerability with the OpenSSL technology that could have potentially affected at least two-thirds of the internet, since many web services and online companies take advantage of the technology and implement it on their websites.

Now this vulnerability has been around for years but it was only recently that it was discovered, or was it? According to Bloomberg, they cite “two people familiar with the matter” who claims that this is actually an issue that the NSA has discovered and has exploited the flaw for years. They claim that the NSA has since been using this flaw to gather critical intelligence and have been doing so on a regular basis. (more…)

NSA Apparently Knew About Heartbleed Vulnerability For Years [Report] original content from Ubergizmo.

The NSA has not only known about the Heartbleed bug for at least two years, but exploited it in regular surveillance attacks, insider sources have alleged, opting to keep the … Continue reading

You might not understand the how Heartbleed works , but you definitely heard about it this week. And with it, that drippy, maroon, bleeding heart logo—which is part of what made the story so memorable. In fact, the way Heartbleed was presented by the team that discovered it is a model for how technology issues should be communicated to the public.

Read more…

By now we’re sure many of you guys have heard of a certain security flaw called Heartbleed. For those unfamiliar, the Heartbleed vulnerability was discovered in the OpenSSL technology, which is a set of encryption software that is typically used by internet services and companies to help safeguard user information, and is apparently used on more than two-thirds of the internet, thus making the threat very real and very scary.

Many companies have since come forward to either confirm or deny that their services might have been affected, and for the most part many users have taken to changing their passwords used for online services just to be extra safe. Now the good news for Apple users is that the Cupertino company has since come forward and stated that none of their products or “key web services” have been affected by this flaw.

This was confirmed by an Apple spokesperson in a statement to Re/code. According to the statement made, “Apple takes security very seriously. IOS and OS X never incorporated the vulnerable software and key Web-based services were not affected.” It should be noted that Apple is one of the few major tech companies not affected by this vulnerability, at least that’s what they claim.

There are some like Facebook, Google, and Yahoo who have used the OpenSSL technology and have admitted that there could be periods of time when they might have been vulnerable to the Heartbleed flaw. Like we said, it’s best to go ahead and update your passwords just to be on the safe side.

In the meantime, the folks at Mashable have compiled a list of websites and services that may or may not have been affected by the flaw, so if you want to see if the websites and services you frequent are affected, head on over for the details.

Apple’s iOS, OS X, And “Key Web-Based Services” Not Affected By Heartbleed Flaw , original content from Ubergizmo, Filed in Apple, heartbleed, iOS, OS X,

By now, chances are you’ve already heard about the preposterously huge security hole in SSL. You’ve also probably heard how it could easily have left you exposed to all sorts of nefarious activity over the past few years. Now, thanks to Mashable, we also have a better idea of exactly which websites had the flaw.

Read more…