Nieman Foundation at Harvard
HOME
          
LATEST STORY
Die Welt’s analytics system de-emphasizes clicks and demystifies what it considers a “quality” story
ABOUT                    SUBSCRIBE
April 10, 2014, 11:19 a.m.
LINK: source.opennews.org  ➚   |   Posted by: Caroline O'Donovan   |   April 10, 2014

Yes, you need to reset all your passwords. But what are the specific impacts for journalists regarding the Heartbleed security breach announced yesterday? For Source (and also the ProPublica Nerd Blog), Mike Tigas has a breakdown.

If your websites have SSL enabled (when users log in, for example), or if you use VPN software to secure your network, or if you run your own mail servers, your newsroom might be affected by Heartbleed.

Heartbleed can affect anything that uses OpenSSL version 1.0.1 or greater. This includes most open-source webservers (Apache, nginx, lighttpd), and can include email servers, instant message services (ejabberd, etc), and VPN servers (openvpn). Privacy software like Tor and SecureDrop are also vulnerable and have since released updates. Many popular server operating systems are affected and have released patches that fix the bug, including Linux distributions like Ubuntu, Debian, Fedora, Red Hat Enterprise and Arch Linux. […]

If you get a version between 1.0.1 and 1.0.1f, you may be vulnerable. Some Linux distributions include a hotfix for this bug while keeping the same version number, so you should double-check the operating system’s website for more information.

Tigas’ post has specific next-steps for those who may be vulnerable. In addition, ONA’s Jen Mizgata suggests journalists whose hackles are raised by the bug consider attending their security summit this month in Indianapolis.

Show tags Show comments / Leave a comment
 
Join the 15,000 who get the freshest future-of-journalism news in our daily email.
Die Welt’s analytics system de-emphasizes clicks and demystifies what it considers a “quality” story
Every story’s performance reduced to a single score: a reductionist take on journalism or a way to make a news organization’s values concrete?
Good news, publishers: People will read your long stories on their phones (for two minutes, anyway)
People will read longer content on their smartphones, a new Pew report finds.
Tampa just lost a daily newspaper; is this the continuation of an old trend or the start of a new one?
Buy a company, milk the cash flow, sell off assets, shut it down: It can be a profitable formula. Is this the end game for some metro newspapers?
What to read next
0
tweets
“Investigative brand journalism”: The Guardian and Amazon step into the next level of sponsored content
The series isn’t overtly promotional, but its tone is very different from that of recent true crime coverage like Serial and Making a Murderer.
0Hot Pod: As more podcasts become TV shows, can their founders retain creative control?
Plus: Podcasts as time-shifted cable TV; MTV News launches its first podcasts; Postloudness moves beyond Mailchimp.
0Live, local, late breaking: On Facebook Live, news outlets take a cue from TV (but don’t call it TV)
“This opens up all kind of new ways and products to tell stories that are not so focused on production values.”
These stories are our most popular on Twitter over the past 30 days.
See all our most recent pieces ➚
Fuego is our heat-seeking Twitter bot, tracking the links the future-of-journalism crowd is talking about most on Twitter.
Here are a few of the top links Fuego’s currently watching.   Get the full Fuego ➚
Encyclo is our encyclopedia of the future of news, chronicling the key players in journalism’s evolution.
Here are a few of the entries you’ll find in Encyclo.   Get the full Encyclo ➚
Center for Public Integrity
The Dish
Baristanet
The Daily Beast
St. Louis Beacon
Salon
Facebook
Wisconsin Center for Investigative Journalism
Fwix
ABC News
Kaiser Health News
The Sunlight Foundation