So Whats Behind Heart Bleed?

The past week as been one of Heartbleed coverage. I read all the stuff saying to change passwords, etc but I was thinking, what is it?

Its a vulnerability in Openssl, specifically version 1.0.1, any site with a version before this (such as Last.fm) isn’t affected. An implication of the SSL protocol which is used to secure communications on the internet. Thus, it matters not what device or browser you are using for interacting /connecting with sites. Simply, ANY data transmitted is at risk of compromise and is able to be read by anyone with access to the data. This includes both on the net servers and also Ubuntu and other Linux’s which use the protocol. For more details check out http://heartbleed.com/ they say and know it better than I!

How is it fixed? A patch has been available since the problem was found and most sites have updated as well as mint linux (I checked my machine updates). Check here for a list of sites which are/were or maybe affected http://www.cnet.com/uk/how-to/which-sites-have-patched-the-heartbleed-bug/
The user is highly advised to change passwords, etc has these would have been able to be read within the encrypted data. However, the first responses that I saw were headlines of change passwords now! Don’t, check the above list and then, only then change your passwords when the website has carried out the fix. From what I have read it isn’t a good idea to do it before as it will still able to be read. Do it after!

This is what I have come up with but what I don’t understand is this. Why is something so important only maintained and developed by a few volunteers and has from what understand, has under £2000  a year donations?

This whole thing has made me think of password security, web security, etc. Maybe its time for improvement.

If I am wrong on of the above, please comment and I will make adjustments to correct the mistakes.

Automateit pro – App of the ‘Whenever I Can’

For a while now I have been thinking that its maybe time to get my phone to do stuff automatically. For example go quiet at night, download podcasts, turn WiFi on and off, etc. I cann’t remember how I found it but Automateit seems to fit the bill and do the job.
There are two versions, Automatit and Automatit Pro, after a couple of weeks of trial and I found that the App did what was required and so bought the Pro version. I’m hoping that it isn’t like other Apps and requires both versions to function after the pro version is installed because the free version has just been uninstalled. The App is supported by a web page http://automateitapp.com/ . This is a welcome difference compared to many other apps where the only information is often the page on play store. Its nice to have a place to go for help and guidance. I actually consider this to be one of the best websites that is connected to a app and seems to have a vibrant community to support it.
In use, you set up what is know as ‘rules’, these are mostly preset and just need to be customized for yourself and there seems to be others appearing, just download from the website or through the app (easiest way) and your away. I’ve still got a couple more rules to add that I can think off (turn WiFi off for a start!). You can also back up your rules in case anything goes wrong and you have to reinstall the app or start again. On top of this you can also find rules from other users on the website.

After some testing I found that you don’t need both versions and so just the pro version on the phone.

Forcehawk

Pebble Progress

I’ve been using my Pebble for a couple of weeks now and what a difference. First I had to get used to wearing a watch again, which I still don’t all the time such as when I am at home. One of the first questions that came to mind was: How much of a drain on phone power is it? In my experience very little, in fact the battery seems to be lasting longer during the day because I’m not checking the phone for the time or checking messages. The battery on the watch last roughly 4 to 5 days depending on use.

The support for the watch, as in instructions seems some what basic if at all available and use of the watch relies on the user finding out what the buttons do on their own. The website seems more for selling but a lot of information can be found in the forums and help pages. The apps pages seem somewhat bare but this is understandable seeing as though many are just starting out. I’ve tried 3 or 4 apps and 2 have already been uninstalled due to a user unfriendly attitude! I haven’t had much of a chance to check many of the available apps out but over the next few weeks I will.

Only one app has past the one week test, Notifier. Seems a lot better that the notification alerts that came with the watch and has meant that I don’t need to look at the phone all the time because it displays all or most of the messages or alerts from apps which matter such as email, twitter (Talon in my case) and SMS. I haven’t really had much time to play around with it but it does come with some form of instruction…which buttons do what. Within the app check out Help and it show a picture of the watch and the buttons are labeled. I have just discovered reqallable which is going to be tested over the next week or two. But thats for another time.

Even though I’ve had the watch for a short time I can see great potential for it, depending on what apps are used. Yes, compared to the next generation of smart watches its basic but the Pebble is all I really need.  Currently I really don’t see the point of having loads of functions such as calling on a watch. Really, I don’t want to look like an idiot talking to my wrist, nearly as bad as using a tablet to take pictures out side!

 

Forcehawk