| Cult of Mac

Heartbleed Bug: How To Update All Your Passwords In Just 10 Minutes


(photo Buster Hein, Cult of Mac)
(photo Buster Hein, Cult of Mac)

By now you’ve heard all about the catastrophic Heartbleed bug and how it has siphoned passwords, credit card numbers, emails and other data to the vampires who would drain all of us dry. From your love life (OKCupid) to your tax returns, there’s a lot at stake.

Since 66% of web servers are vulnerable to the bug, that means you’re faced with only task more fun than decluttering the garage: changing your passwords.

To help you on your password resetting chores, we’ve compiled the best tools to make the process as quick and painless as possible. Also, they’ll sync your new passwords to your iPhone — all in under 10 minutes. Leaving you time to watch Silicon Valley again.  You’re welcome.

Here’s how:

Change Your Passwords For These 15 Heartbleed-Vulnerable Sites ASAP


(photo Buster Hein, Cult of Mac)
photo Buster Hein, Cult of Mac

Heartbleed sent the web reeling with the discovery that the catastrophic security hole quietly left passwords and other private data open for the taking on nearly 66% of the Internet’s servers.  Luckily for Apple customers, iOS and OS X were never vulnerable to Heartbleed but some of the most popular sites and services on the Internet weren’t so lucky.

Many companies are still working to patch their hole, but Mashable has compiled a list of the biggest sites hit by Heartbleed. There’s no way to tell if your info was actually snatched by attackers, but if you have account on the following sites that were affected and subsequently patched, you should change your password ASAP:

Apple Says That None Of Its Products Are Vulnerable To Heartbleed



Apple has confirmed that none of its products, including web services like iCloud.com, are vulnerable to the nasty Heartbleed web bug that was recently uncovered.

Heartbleed allows hackers to intercept sensitive traffic and steal information like logins from websites using OpenSSL encryption. So when you visit a website with a little padlock in the address bar and think you’re safe, you maybe aren’t.

Why Heartbleed Shouldn’t Make You Rush To Change Passwords … Yet



The discovery of the Heartbleed security bug sent the web into a panic with it’s devastating OpenSSL vulnerability.

On a scale of 1 to 10 of Internet catastrophes this one goes all the way to 11, according to respected security analyst Bruce Schneier, who isn’t prone to manic exaggeration.

A shriek of “CHANGE YOUR PASSWORDS”  has erupted from the throats of sites issuing evasive maneuvers, but you might want to hold off on going password-reset-crazy for just a few days.

Here’s why:

Heartbleed Security Bug: What Apple Users Need to Know



The newly discovered Heartbleed bug is being called the Web’s worst security bug ever.

It allows hackers to steal passwords and login details when users visit vulnerable sites — undetected. That’s the bad part: affected sites probably have no idea they’re vulnerable. The bug is subject to an emergency security advisory. Some experts are estimating that up to 66% of the Internet’s servers could be affected. Each server has to be fixed manually. So it could take a while.

In the meantime:

  • Don’t log into any sites until you’ve officially been given the all clear.
  • Change all your passwords for websites and email. Especially for sensitive sites like banks, credit cards and webmail. However: wait until you know a site has been patched before changing passwords. Sites like Tumblr and Yahoo sent out warning emails earlier today telling users to change their passwords.
  • Apple.com and iCloud appear to be unaffected, according to this (unofficial) list on Github.
  • Install the Chromebleed Checker for Google’s Chrome browser — it pops a warning if a site is vulnerable (Cult of Mac is not. See screenshot below).

We’ve reached out to Apple’s PR department for comment. No reply yet. We’ll update if Apple makes any statement or issues an advisory.