Should you worry about Heartbleed?

The heartbleed vulnerability in OpenSSL has a lot of people panicking. Brendan Spaar explains what heartbleed is and what you need to do to protect yourself.

By now you have probably heard of the security vulnerability known as Heartbleed.  The news broke last week that versions of website encryption software OpenSSL were susceptible to an attack where someone could listen to traffic being sent to and from a secure website.

Could a hacker retrieve every password, bank account, and social security number from a website?  Not likely.  This attack had to be occurring at the same time that you were entering sensitive information into a secure website running OpenSSL.  The attacker would send the website data and lie about the number of characters this data should be.  For instance, the attacker would say they were requesting DOGS (200 characters).  The website would then return DOGS followed by the next 200 secure entries it had received.  Could an attacker be running this type of query all day every day?  Possibly but not likely.  Brendan Spaar recommends you change your password on affected sites out of an abundance of caution and also because you probably have never changed your password, ever.

Is it safe to file my taxes with Heartbleed in the open?  Yes.  The IRS does not use OpenSSL.

Here are a list of sites that Brendan Spaar recommends changing your password on:

  • Google, YouTube and Gmail
  • Facebook, Instagram
  • Netflix
  • OKCupid
  • Pinterest
  • Wikipedia
  • Yahoo, Yahoo Mail, Tumblr, Flickr

Should creationists be allowed equal time on COSMOS?

Neil deGrasse Tyson

A creationist by the name of Danny Falkner, of Answers In Genesis, is making noise that he would like to see more about creationism on the science show COSMOS which airs every Sunday night on FOX.  Brendan Spaar is an avid watcher of this show and has heard the host, Neil deGrasse Tyson, mention several times that no one can be sure what happened before the big bang.  While Tyson uses science to dismisses the belief that the universe is only 3500 years old, he does reason that someone could have created it in the beginning.  We just don’t know.  If Mr. Falkner wishes to see more of creationism in science, he should first allow more science into religion.

Can you protect your Tesla Model S from hackers?

The Tesla Model S may be super high tech but like most computer systems, it is not immune from hackers.
Brand: Model S
Manufacturer: Tesla Motors

Tesla Motors’ all electric sports car can do zero to sixty miles per hour faster than most gasoline powered automobiles may have one serious flaw.  This car relies on a complex computer system to control nearly every aspect of it.  Can the Tesla Model S be hacked?  Brendan Spaar has learned that all that separates a hacker from this system is a six digit password that can be broken by brute force techniques.  If you think about it, six numerical digits 0-9 only requires 1 million attempts before you have exhausted every possible combination.  This may not sound like a lot but for a computer system that is capable of thousands of attempts per second, it would only take a few minutes before someone has remotely unlocked your car or is allowed to follow it on GPS.  As more and more cars become reliant on technology, automakers need to put cyber security in the same category as vehicle safety.