So you have to have heard about the Heartbleed vulnerability right? Where the security software used by many Internet services has a flaw that can allow protected information out into the public. This is an oversimplification, but just know that this flaw is bad, and the ramifications could be unknown for a long time, if at all.
Services and sites are quickly fixing this flaw by patching with updated software. But this flaw has been there for two years, so who knows what has happened during that time. The simplest recommendation is to change your account password for affected systems (and even non-affected systems just to be on the safe side) and only after the vulnerability has been mitigated – no sense change your secure password if the site can’t keep it secure. There are other tips as well besides changing your passwords.
Mashable has put together a good collection of popular online services and their stance with regards to Heartbleed. But what about locally? Are popular Hawaii sites affected? Seemingly not. By using Heartbleed scanning tools, you can get a quick assessment of the Heartbleed status of any site. I ran through some Hawaii sites, and here’s what I found.
All in all, pretty good. No definite vulnerable sites found, and the “unknown” results could be traps to stop Heartbleed attacks. But again, to be on the conservative side, you could inquire about Heartbleed compliance.
Any other Hawaii-centric service you want added to the list? Let me know by adding it to this list.
Update: April 10, 2014, 8:28pm HST
Added another Heartbleed test provided by Lastpass.com