Nieman Foundation at Harvard
HOME
          
LATEST STORY
Stat is publishing a print section in Sunday’s Boston Globe — and it might be coming to a paper near you
ABOUT                    SUBSCRIBE
April 10, 2014, 11:19 a.m.
LINK: source.opennews.org  ➚   |   Posted by: Caroline O'Donovan   |   April 10, 2014

Yes, you need to reset all your passwords. But what are the specific impacts for journalists regarding the Heartbleed security breach announced yesterday? For Source (and also the ProPublica Nerd Blog), Mike Tigas has a breakdown.

If your websites have SSL enabled (when users log in, for example), or if you use VPN software to secure your network, or if you run your own mail servers, your newsroom might be affected by Heartbleed.

Heartbleed can affect anything that uses OpenSSL version 1.0.1 or greater. This includes most open-source webservers (Apache, nginx, lighttpd), and can include email servers, instant message services (ejabberd, etc), and VPN servers (openvpn). Privacy software like Tor and SecureDrop are also vulnerable and have since released updates. Many popular server operating systems are affected and have released patches that fix the bug, including Linux distributions like Ubuntu, Debian, Fedora, Red Hat Enterprise and Arch Linux. […]

If you get a version between 1.0.1 and 1.0.1f, you may be vulnerable. Some Linux distributions include a hotfix for this bug while keeping the same version number, so you should double-check the operating system’s website for more information.

Tigas’ post has specific next-steps for those who may be vulnerable. In addition, ONA’s Jen Mizgata suggests journalists whose hackles are raised by the bug consider attending their security summit this month in Indianapolis.

Show tags Show comments / Leave a comment
 
Join the 35,000 who get the freshest future-of-journalism news in our daily email.
Stat is publishing a print section in Sunday’s Boston Globe — and it might be coming to a paper near you
The health and life sciences site is in talks with other newspapers about republishing its coverage in print.
A new database of fake news sites details how much fakery has spread from Trump v. Clinton to local news
Plus: The New York Times walks back an extremely popular tweet, California adds media literacy to its curriculum, and the KIND Foundation tries out a “Pop Your Bubble” app that nobody is going to want to use.
Nieman Lab is looking for more stories of digital innovation outside the U.S., and we’d love your help
Have ideas for things we should cover? Want to help us cover them? Want to help us translate stories so that they reach more people? Join our new Slack community!