Nieman Foundation at Harvard
HOME
          
LATEST STORY
Should it stay or should it go: News outlets scramble to cover Britain’s decision to exit the European Union
ABOUT                    SUBSCRIBE
April 10, 2014, 11:19 a.m.
LINK: source.opennews.org  ➚   |   Posted by: Caroline O'Donovan   |   April 10, 2014

Yes, you need to reset all your passwords. But what are the specific impacts for journalists regarding the Heartbleed security breach announced yesterday? For Source (and also the ProPublica Nerd Blog), Mike Tigas has a breakdown.

If your websites have SSL enabled (when users log in, for example), or if you use VPN software to secure your network, or if you run your own mail servers, your newsroom might be affected by Heartbleed.

Heartbleed can affect anything that uses OpenSSL version 1.0.1 or greater. This includes most open-source webservers (Apache, nginx, lighttpd), and can include email servers, instant message services (ejabberd, etc), and VPN servers (openvpn). Privacy software like Tor and SecureDrop are also vulnerable and have since released updates. Many popular server operating systems are affected and have released patches that fix the bug, including Linux distributions like Ubuntu, Debian, Fedora, Red Hat Enterprise and Arch Linux. […]

If you get a version between 1.0.1 and 1.0.1f, you may be vulnerable. Some Linux distributions include a hotfix for this bug while keeping the same version number, so you should double-check the operating system’s website for more information.

Tigas’ post has specific next-steps for those who may be vulnerable. In addition, ONA’s Jen Mizgata suggests journalists whose hackles are raised by the bug consider attending their security summit this month in Indianapolis.

Show tags Show comments / Leave a comment
 
Join the 15,000 who get the freshest future-of-journalism news in our daily email.
Should it stay or should it go: News outlets scramble to cover Britain’s decision to exit the European Union
Online, readers stayed up for the results: Peak traffic to BBC News, for instance, was around 4 a.m. GMT, and by 11 a.m. BBC.com had received 88 million page views.
Acast wants to get new audiences “in the podcast door” with more diverse shows and better data
With a new paid subscription option and its sights set on non English-speaking countries, the Swedish podcasting startup is looking for listeners (and shows) beyond the iTunes set.
“Medium’s team did everything”: How 5 publishers transitioned their sites to Medium
What happened when Pacific Standard, The Ringer, The Awl, The Bold Italic, and Femsplain moved their sites over to Medium.
What to read next
0Spain’s Eldiario.es has 18,000 paying members, and its eye on the next several million
“We have a potential of six million readers. You may not convince all six million people to be your socios, but if you learn more about their interests, you can get closer.”
0The Washington Post is testing out a few new hurdles for non-paying online readers
The Post is now asking readers to submit their email in order to read stories without paying.
0This new collaboration hopes to aid the endless debates about media with some actual hard data
“For a long time, I’ve wanted to try to put more data and quantitative analysis behind some of the claims and questions we ask around underrepresented and misrepresented stories in online spaces.”
Encyclo is our encyclopedia of the future of news, chronicling the key players in journalism’s evolution.
Here are a few of the entries you’ll find in Encyclo.   Get the full Encyclo ➚
San Diego News Network
Animal Político
Public Radio International
Journal Register Co.
Al Jazeera
SeeClickFix
The Christian Science Monitor
Corporation for Public Broadcasting
American Public Media
New Jersey Newsroom
Circa
The Boston Globe