MSU offers ‘Heartbleed’ assist

STARKVILLE — Mississippi State University technology professionals are offering patches and advice about the worldwide “Heartbleed” computer security threat to Internet users on campus which may be good information for all web users. MSU security and compliance officer Tom Ritter said “Heartbleed” is being used against at least two-thirds of websites across the world; and allows hackers to connect to servers and draw encrypted read-only information. MSU’s technical services advises users to change Internet passwords to all online banking, social media and websites on which purchases and transactions have been made. He also cautions that many websites using Open SSL (and an open-source encryption technology) have not implemented patches since Heartbleed; and that one-time password changes may not be initially sufficient. Google, Facebook, Yahoo and Amazon have made patches. Web users should not rely on online notifications to change passwords, but rather go to the original sites to made password changes. Source: Mississippi Business Journal, 04/14/14.