- Lance Johnson 04.09.2014
Over the past day or two you may have been hearing about a major security vulnerability that impacted services like Yahoo!, Eventbrite, and Imgur. CVE-2014-0160, commonly called Heartbleed, is a serious OpenSSL vulnerability that would allow nefarious users to gain access to encrypted data from a server’s memory.
Green Egg Media wants to assure all of our clients that their data is secure and that we have not been impacted by this vulnerability. All of the servers that we use to store client data and host client websites are running versions of OpenSSL which are not vulnerable to a “heartbeat” attack. For our e-commerce clients that are running on FoxyCart stores, we want to assure you that your data and your customer’s data is also safe. FoxyCart announced yesterday that their services are secure and have not been breached.
It is estimated that Heartbleed may have affected as many as 66% of all web servers around the world. This number is probably too high considering that only selected versions of OpenSSL were impacted; however, the versions which were vulnerable have been in release for over two years now. While the vulnerability may have been wide-spread, unfortunately it is impossible to know whether or not any particular server was actually compromised. A cyber ciminal could get information from a vulnerable server’s memory without even leaving a trace of the request. While most affected service providers, including Yahoo!, have now fixed the problem, if you are a regular user of any affected services, we strongly recommend that you immediately change your passwords for those services, as well as any other services where you are also using that password. In general, we recommend that you never re-use passwords, but we know that many people reuse them anyway.
Since this vulnerability is so widespread, everyone who uses the internet is probably affected somehow. If you use any services that require you to sign in with a username and password, check with the service provider to make sure that they are not running a vulnerable version of OpenSSL. According to the official Heartbleed information site, the status of different versions of OpenSSL is as follows:
Did you know that a post containing visuals gets 94 percent more views than posts without any visuals? Here are some examples of how you can make your post stand out with visual content.
An undocumented feature of CodeIgniter might be causing your CI apps to use more memory than you really need. I recently needed to write an application that would parse the contents of a file containing over 335,000 lines into a database. I was confused when I started hitting my server’s memory limit (32MB), until I discovered that CodeIgniter was the culprit. $this->db->save_queries to the rescue!
A good website is important for today’s businesses. In addition to helping them establish a robust web presence, it can contribute to their marketing campaigns by hosting blogs, white papers, and more. A robust site can also help you reach out to your clients whether they’re using conventional desktops or the latest smartphones. After all, it adjusts according to their screens and devices to avoid compromising the user experience. And don’t forget the great content that helps you attract and engage visitors, ensuring that they come your way on a regular basis. If your website doesn’t deliver even one of these, it’s time for you to get in touch with a website designer/developer. Read on to learn how to get what you want and stay on budget.