LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	RIMdrop: Little Internet users can do to thwart 'Heartbleed' bug
From:	Larry Medina <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Thu, 10 Apr 2014 08:47:39 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (55 lines)

I think many of us are becoming more and more familiar with this bug and
we're starting to understand the severity of it.

There is a lot of conflicting advice about what we can do on an individual
basis to prepare for it, but one thing that I've been seeing universally is
DO NOT rush out to change your passwords, unless you want to develop a
complex crosswalk and continue to change them until all of the websites
where you have password access update their protocols.

Until these sites put their patches in place, even if you DO change your
password, it remains vulnerable. Many sites ate actively putting patches
in, however, they aren't all notifying users when they do... so you sort of
need to play the waiting game.

http://www.reuters.com/article/2014/04/09/us-cybersecurity-internet-bug-idUSBREA3804U20140409

For those sites who are actively reporting they have put 'fixes' in place
(like Google) and those who say they 'were not affected' (like Amazon)...
you can, and should, change your passwords NOW. For others, you're better
off waiting and routinely checking any credit card statements of cards you
use on these sites.

My personal way to attempt to combat these types of things is to NOT STORE
credit card info on any websites.... it might take a little longer to
re-enter your numbers every time, but it's a matter of "what price
financial security?" in my mind. I also have a separate credit card I use
STRICTLY for online purchases where a card is required that has a
relatively low credit limit, and I refuse any offers to increase the
limit. For others that accept it, I use PayPal, where my information is
provided to ONE SOURCE only, and others are not given access to any of the
info.

Here's a good article on how to address the Heartbleed issues...

http://www.macobserver.com/tmo/article/dealing-with-heartbleed-what-you-need-to-know

pay special attention to page 6, which offers the suggestion of using a
'Password Manger', like 1Password or LastPass. I have a friend who is
quite pleased with 1Password- do any of you have any experience with either
of these or other password generators?

Larry
[log in to unmask]

*Lawrence J. Medina Danville, CARIM Professional since 1972*

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US