Posts

Showing posts with the label eSecurity

Do not install untrusted software on your phones and computers

The following is a sample of how easy it is for hackers to obtain the data on your computer. Android was used as an example but it could easily be IOS, Windows or even a Macintosh.

The article explaining the research and the root cause is found here.
However, if you choose not to read the article, a demo of how easy it is to obtain your information is shown here..
The videos are also shown below:




Are You Affected by the HeartBleed Bug

HeartBleed Bug is a vulnerability found in the OpenSSL software using in many servers. Details of the bug can be found in The HeartBleed Bug site. I did not realize the seriousness on this until I started seeing list of compromised sites.


A simple to understand list is found in Mashable and a more comprehensive list is found in Github site. However, both sites will only provide you the list of sites they have tested. If you have sites that are not listed and would like to check it yourself, you can use the online tool provided by LastPass.


Some sites I tested do not provide enough information to the tool so am not sure whether it is vulnerable or not and whether it has been patched. To be safe, if unsure, just change the password.

Addendum:
A better tool for checking is available here.
Another tool for checking but goes beyond only Heartbleed.available here.

A graphical explanation of the exploit can be found here.

Found a Q&A on this topic.