Latest in Encryption

Image credit:

The NSA issues its own suggestions for avoiding lost Heartbleed data


The United States National Security Agency may or may not have known about the security vulnerability known as "Heartbleed," but now that it's a widely publicized issue, the agency has some safety suggestions. Sure, you've probably heard all this before, but bear with us.

First and foremost, websites/web services using the affected software (OpenSSL versions 1.0.1 through 1.0.1f) are told to update, or turn off the function which enables the security flaw. Second, a variety of OSes and client/server software use the affected service, so the NSA suggests you get in touch with your software's creator directly (Google's already taken care of it in one version of Android, for instance). Finally, after you're back up on a safe version of the website/service/OS you use, it's time to dump your current password in place of a fancy new one. Like we said, nothing you haven't heard before, but here's the NSA confirming as much. Head below for the full document in all its acronym-laden glory.

From around the web

ear iconeye icontext filevr