Thursday, April 17, 2014

How to protect yourself from the 'Heartbleed' bug

A new security bug means that people all across the Web are vulnerable to having their passwords and other sensitive data stolen. Here's what consumers can do to protect themselves.

Heartbleed security vulnerability
Codenomicon/CNET

A major new security vulnerability dubbed Heartbleed was disclosed Monday night with severe implications for the entire Web. The bug can scrape a server's memory, where sensitive user data is stored, including private data such as usernames, passwords, and credit card numbers.
See also: The Heartbleed bug -- what you need to know (FAQ)
It's an extremely serious issue, affecting some 500,000 Web sites, according to Netcraft, an Internet research firm. Here's what you can do to make sure your information is protected, according to security experts contacted by CNET:
Do not log into accounts from afflicted sites until you're sure the company has patched the problem. If the company hasn't been forthcoming -- confirming a fix or keeping you up to date with progress -- reach out to its customer service teams for information, said John Miller, security research manager for TrustWave, a security and compliance firm.
Some Web sites that appeared to have been affected included Yahoo and OKCupid, though the companies have said their sites are all or partly fixed (see below for details). You can check sites on an individual basis here, though caution is still advised even if the site gives you an "all clear" indication. If you're given a red flag, avoid the site for now. (Editors' note, April 10: Check our constantly updating list of the top 100 Web sites and their Heartbleed patch status.)
The natural response might be to want to change passwords immediately, but security experts suggest waiting for confirmation of a fix because further activity on a vulnerable site could exacerbate the problem.
Once you've got confirmation of a security patch, change passwords of sensitive accounts like banks and email first. Even if you've implemented two-factor authentication -- which, in addition to a password asks for another piece of identifying information, like a code that's been texted to you -- changing that password is recommended.
Don't be shy about reaching out to small businesses that have your data to make sure they are secure. While the high-profile companies like Yahoo and Imgur certainly know about the problem, small businesses might not even be aware of it, said TrustWave's Miller. Be proactive about making sure your information is safe.
Keep a close eye on financial statements for the next few days. Because attackers can access a server's memory for credit card information, it wouldn't hurt to be on the lookout for unfamiliar charges on your bank statements.
Even after following these guidelines, there is still some riskiness in surfing the Web in the wake of the bug. Heartbleed is even said to affect browser cookies, which track users' activity on a site, so even visiting a vulnerable site without logging in could be unsafe. The Tor Project, which stresses anonymity and privacy, wrote in a blog post that users with those needs "might want to stay away from the Internet entirely for the next few days while things settle."
Yahoo seems to be the most major Web to site have been vulnerable to the bug (preliminary tests for Facebook, Google, and Twitter's Web sites said they appear to be safe). The company said that it has "successfully made appropriate corrections" to the main Yahoo properties: Yahoo Homepage, Search, Mail, Finance, Sports, Food, Tech, Flickr and Tumblr. Still, a Yahoo spokesperson said the company is still working to make the fix across the rest of the Yahoo sites.
"I encourage users to not log in into [Yahoo] and other services that are affected since the credentials could have been leaked if they used the service," said Jaime Blasco, director of AlienVault Labs, a security research firm. "As soon as Yahoo solves the issue, it will be helpful if users change their password just in case."
Yahoo has been stressing authentication of late, so that the company would be able to provide a more personalized experience to users, a drum CEO Marissa Mayer has been beating almost since she took over the company. Yahoo provides services like email and fantasy sports, requiring passwords to get access to the applications.
The company has already had some trouble in the security arena. In January, the company had to reset the passwords of some email users after an attempted attack on a third-party's database. In response to the Heartbleed bug, some users have already expressed their outrage on Twitter. Brandon Oxford, from Royal, Ark., wrote: "After this I'm officially done with Yahoo email. I've now set up a Gmail. They seem to be more on top of stuff than Yahoo."
Other companies that were said to be affected chimed in as well. Imgur, the photo-sharing site popular with Reddit users, said: "[We] invalidated sensitive data such as cookies and session IDs, just to be on the safe side. We're proceeding with caution, since the nature of the attack makes it hard to detect, but we have no reason to believe it has been used against Imgur." OKCupid said, "The fix is now fully live on OKCupid."
The question in the aftermath of something like this is whether Web companies will reform their security practices. There has been a move toward Perfect Forward Secrecy (PFS) by many of the major Web companies, but not all of them have implemented the practice. PFS means essentially that encryption keys get a very short shelf life, and are not used forever. "People should want their communications to be secure as possible. PFS is one thing they can push for in the future," said Miller.
CNET's Seth Rosenblatt contributed to this report.

Thursday, April 5, 2012

What is Good Friday?


Answer:
Good Friday is the Friday immediately preceding Easter Sunday. It is celebrated traditionally as the day on which Jesus was crucified. If you are interested in a study of the issue, please see our article that discusses the various views on which day Jesus was crucified. Assuming that Jesus was crucified and died on a Friday, should Christians remember Jesus' death by celebrating Good Friday?

The Bible does not instruct Christians to remember Christ’s death by honoring a certain day. The Bible does give us freedom in these matters, however. Romans 14:5 tells us, “One man considers one day more sacred than another; another man considers every day alike. Each one should be fully convinced in his own mind.” Rather than remembering Christ's death on a certain day, once a year, the Bible instructs us to remember Christ’s death by observing the Lord’s Supper. First Corinthians 11:24-26 declares, “...do this in remembrance of me...for whenever you eat this bread and drink this cup, you proclaim the Lord's death until he comes.”

Why is Good Friday referred to as “good”? What the Jewish authorities and Romans did to Jesus was definitely not good (see Matthew chapters 26-27). However, the results of Christ’s death are very good! Romans 5:8; “But God demonstrates his own love for us in this: While we were still sinners, Christ died for us.” First Peter 3:18 tells us, “For Christ died for sins once for all, the righteous for the unrighteous, to bring you to God. He was put to death in the body but made alive by the Spirit.”

Many Christian churches celebrate Good Friday with a subdued service, usually in the evening, in which Christ’s death is remembered with solemn hymns, prayers of thanksgiving, a message centered on Christ suffering for our sakes, and observance of the Lord's Supper. Whether or not Christians choose to “celebrate” Good Friday, the events of that day should be ever on our minds because the death of Christ on the cross is the paramount event of the Christian faith.

Source: www.gotquestions.org

Tuesday, November 1, 2011

Amazing Human Tricks

<a href="http://msn.foxsports.com/video?vid=6340f353-15ca-422c-b142-a75da7c25575" target="_new" title="">Amazing Human tricks</a>

Monday, August 29, 2011

Mayweather vs. Ortiz 24/7

Here's the first episode of HBO's 24/7 (Mayweather vs. Ortiz).
You're welcome.

Monday, August 1, 2011

My Blog Archive

About Me

I'm a short Mexican from Paramount...I'm married and have 2 boys. I'm healthy and happy with my familia, what else does a man need?