08000 433 006 info@cloud-genius.com

Heartbleed and Cloud Genius – should I worry?

heartbleedSome of you may have heard about a massive flaw in the security of the internet.

This is really serious and everyone should be aware of the implications.

Heartbleed is the sort of flaw that gives systems admins huge nightmares.

On vulnerable websites there is a significant possibility that your passwords have been revealed to hackers making use of the bug. Worse than that, if a site has been compromised there is no evidence!

It would be good practice to change all the passwords you use on the internet. Now.

…unless you have evidence that the services you use are not part of the problem.

At Cloud Genius, we have performed a full review of the services we use.

  1. Services to back up websites/update plug-ins. For clients that subscribe to this services one was not vulnerable, the other service has been secured and we have taken steps necessary to prevent any problems. No action required on your part.
  2. Website hosting – our provider has informed us that they are vulnerable. Until they update all their systems you may wish to change the password on your account at http://webhost.cloud-genius.com. Once their patching process is complete you should change your password again on the account. We will endeavour to let you know when this is.
  3. Paypal – our understanding is that Paypal is not affected.
  4. Teamviewer – our remote control solution of choice is not affected.
  5. Salesforce – To the best of our knowledge is not affected.
  6. LastPass – our password management software of choice is not affected. (And helped a lot in fixing services that were affected.)

Here is a list of other networks that were affected – these include people like Google, Yahoo and many others.

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

This is really serious. Make sure you are not caught out!

One positive – LastPass was able to scan all the services we use, list the affected services and make password changing a doodle! Highly recommended… and much more secure than any other system we have come across.

Dyn to End its Free Service

Many of you who have grown up with the internet will be aware of the DynDNS service.

This allowed you to host services from home and get to them with a website address that ended .dyndns.com (or one of a variety of other endings). Mine was jd10k.dyndns.com.

Very soon it will be no more. Dyn want you to subscribe to their ‘Pro’ service, at $25 per year! (There is a temporary, discount.)

There are other options. A similar free service is provided by no-ip for free!

But perhaps you were hosting your email and/or website from home (not the best idea), in that case you might want to check out our low-priced email and web services on WebHost. You may want to add a personal domain name to that, too. You can do all that and still save on the price of the Dyn offering (and a personal domain name will look far more professional).

Anyway, there are lots of better options that signing up for Dyn’s service. Good luck!

Time for a change.