Internet Security Breach: the Heartbleed Bug & You

About the “Heartbleed” Bug

The “Heartbleed” Bug (aka CVE-2014-0160) is a security vulnerability loophole that has affected the security of many, many mainstream sites on the web that use specific versions of OpenSSL encryption.  OpenSSL is an open-source, widespread encryption method used to encrypt website data transfers, and the Heartbleed vulnerability has left many OpenSSL-encrypted sites open to potential hackers.  One should note that most financial sites use proprietary encryption methods and not OpenSSL, so this situation has not affected most banking or credit card sites.  This OpenSSL vulnerability means that your user names, passwords, and credit card information on affected sites may have been compromised.

Here’s what to do:

  1. Read this entire post, and change your passwords immediately for the sites listed at the bottom of this post, under the heading “Change the following passwords immediately.”
  2. Don’t panic, and stay informed. Find links to informational material below. Just like fraud on credit cards, which has happened to most of us at some point over the years, we have to start from where we find ourselves and implement best practices for the present and the future.
  3. Keep a close eye on financial statements this month. Look over your bank account and credit card account statements closely, and follow up with any questionable charges. We should be doing this anyway — this is a good time to start the habit if we we have gotten a little complacent.  You could check your recent transactions list now.
  4. Change your usernames and passwords on all sites that have been affected, but do so ONLY AFTER you have confirmed the site in question has updated their OpenSSL to a secure version. If you change your password before the site has closed the OpenSSL loophole, you may be giving a hacker your new password. Check’s list of sites that have patched the loophole by clicking here or’s list here.
  5. Use different passwords for each site. I know this is a pain, but we simply must no longer use a single password for all sites.  It’s just too risky.  To help with this, we should all… (see the next item)
  6. Seriously consider using a password manager. The best in the business for Mac and iOS is 1Password, and everyone really should consider investing in it, especially as it’s 50% off right now.  Check it out here:  Built into Mac OS X 10.9 Mavericks and iOS 7.0.3+ is Apple’s secure iCloud Keychain password manager (click here for information about it and help setting it up). It works well with Safari on Mac and iOS, but not with other browsers, and it holds only passwords and credit card information, not secure notes or other information (e.g. software serial numbers) like 1Password and other more robust password managers can.  At the very least, everyone should use iCloud Keychain, and use Apple’s suggested randomly generated passwords rather than re-using a single user-determined password.

Knowledge resources:

Heartbleed bug: What you need to know (FAQ)

Heartbleed: Two steps to protect your information

Heartbleed bug: Check which sites have been patched

The Heartbleed Hit List: The Passwords You Need to Change Right Now

Technical information about the bug from the security firm Codenomicon that co-discovered it can be found here:

Change the following passwords immediately — stop what you are doing and do this NOW:

Below is a short-list of popular sites on which you should change your password right away.  This is NOT a complete list of affected sites, it is just my short-hand reminder of some of the most popular sites you should address immediately — these sites have patched the loophole and are ready for us to change our passwords on now.  Click here to check a live-updated list from or here for’s list (also linked to above) for updated information.  But again, address these sites/accounts immediately:

  1. gmail / google account
  2. youtube
  3. facebook
  4. dropbox
  5. Skype
  6. yahoo!
  7. instagram
  8. pinterest
  9. netflix
  10. yelp
  11. flickr
  12. soundcloud
  13. getpocket
  14. godaddy
  15. vimeo
  16. wikipedia
  17. blogspot
  18. blogger
  19. tumblr


Guide to the stock iOS Music app via @idownloadblog

Here is a nice guide to the stock iOS Music application by’s Jeff Benjamin.  Those who are interested in getting more mileage out of their iPhone or iPad as a music player should give this article a read.  Below is an excerpt.  Click HERE for the full article.

The Music app is a stock application that comes preinstalled on all iOS devices. It’s the primary way for playing music on the iPhone, iPod touch, and iPad. With iOS 7.0, a new feature was baked into the stock Music app called iTunes Radio. iTunes Radio is an ad-supported service that allows users to browse more than 250 curated stations. Users can also create and build their own stations, which feature Pandora-like customization over time.

The stock Music app has endured significant changes over the past few years. The Music app was once exclusively relegated to the iPod touch, with iPhone models offering an “iPod” app as a means to play music and watch videos. Eventually, with the advent of iOS 5, the iPod app was broken-up into separate Music and Video apps for the iPhone line, unifying the stock Music app presence across all iOS hardware.

While there are many ways to play music via third-party apps on iOS, the stock Music app is the only music application that’s closely integrated with iTunes and allows you to use the iTunes Match iCloud-hosting service. There may be benefits to other apps like Spotify, but no app is as tightly intertwined with the rest of iOS as the stock Music app. With that in mind, please take a look inside, as we break down the many facets of this ever-growing and ever-changing stock application…

Jeff Benjamin,

iOS 7 upgrade tutorial

Many of my clients have asked me if it’s time to upgrade to iOS 7. As it is a “.0 release,” we have to expect that there will be bugs and some applications you might use will not be updated and may run poorly (crashing) or not at all.  That said, most of the applications I use on a daily basis seem to be running fine on iOS 7.

Here is what I advise my clients to consider and do before upgrading:

  1. ONCE YOU JUMP, YOU CAN’T COME BACK. There is no down-grading back to iOS 6.x once you install iOS 7. (There are potential exceptions to this if you have saved your SHSH blobs with Tiny Umbrella, etc, but it’s best to consider the jump permanent.) Thus, one must make sure one’s ready to jump! So….. 
  2. The first thing I suggest my clients do is to check with their system administrators to see if all business-critical applications they run on their iPhones and/or iPads are iOS 7 ready and tested on their business networks. Seek the advise of your admin about upgrading — will you loose critical business functionality? Will your admin be able to support you if business-critical apps don’t function correctly?
  3. Make a list of the most important applications you use on a daily basis — for most users, a top-10 or top-20 list should suffice. These are the apps that you just couldn’t live without.
  4. Then, check these applications out on your computer in iTunes > iTunes Store. Check the Info about these applications and see if they are iOS 7 compatible. You might have to click “…More” in the lower right had corner of a text block under “Description” or under “What’s new in version xxx” to see the full list of changes. You are looking for something that mentions “compatibility with iOS 7.”
  5. If you don’t find info on iOS 7 compatibility for your most-used apps in iTunes, search the web for the developer of the app in question, and see if there is info on the company blog or other company support site. Feel free to contact the developer for more info. It’s important to know that your most used apps are compatible with the system before you update. You don’t want to be kicking yourself later and loosing productivity because you updated at a moment when critical applications you use were not ready.
  6. Software update on your Mac. Go to the apple menu and choose “Software Update.” Install any updates the App Store / Software Update has for your machine. This update will include iTunes 11.1, if you have not already downloaded and installed it. You will need iTunes 11.1 to install iOS 7 on your compatible iOS devices.
  7. Update all apps in iTunes. Go to iTunes on your computer, and choose Apps, and go to the Updates tab on the top menu bar on the right. Choose Update All apps.  
  8. Sync your iPhone/iPad/iPod. Plug your phone into your computer and sync. Do not update the software yet! It may start a sync automatically, or you may have to press Sync on the bottom right. 
  9. Open iPhoto, and import all photos from your device. 
  10. Manually backup your phone to your computer. You may have it set so that your phone automatically backs up to iCloud, and this is fine. But before you update your OS, I suggest you backup your phone to your computer. It’s best to hold a local backup before a major software upgrade.  Choose your iPhone in the list of devices in iTunes, and then go to the Summary tab, and choose “Back Up Now” in the section titled “Manually Back Up and Restore”.
  11. STOP. Quit all applications. Log out, and log back in with the Shift key held down. 
  12. Backup your computer, ideally with SuperDuper! or Carbon Copy Cloner, to make a bootable clone of your computer at this moment. This will include backups of your iOS device you just made.
  13. Boot up / restart your computer. 
  14. Now you are ready to start the iOS 7 upgrading process
  15. Plug in your compatible iOS device, and let it sync to iTunes if it does so automatically.
  16. If it prompts you with a dialog box that says “new software is available for you device,” you can now choose “download and install.” 
  17. If it does not prompt you with a dialog box, then choose your iOS device in the list of devices, and go to the Summary tab, and on the top right inside the Summary window, click “Check for Update.” 
  18. Once it finds the available iOS 7 update, click on Download and Update Now. It is advisable to update your device from iTunes rather than on the device itself. You can update from the device, but I would suggest updating from iTunes on a computer.
  19. THE UPDATE WILL TAKE TIME TO DOWNLOAD! Depending on your internet connection speed, this could take between 20 minutes and 2+ hours — each iOS 7 software update package is more than 1 GB. 
  20. If you have clicked Download and Update, then leave your device plugged in to the computer and it will start the updating process automatically.
  21. When the Latest software, iOS 7.0, has been installed on your device, it will ask you if you want to restore it from a backup of your device or set it up as a new device. I usually use major software updates as a time to do spring cleaning, so I set it up as a new device and go through and choose what apps I really want on the device, the ones I actually use regularly. Then I choose the music again. And the photos again. And the videos again. I do all of this instead of just blindly taking what I had had before. I always end up with at least 30% more free space on my device, and this is good! All of this takes time, however. It takes time to choose the apps, to organize them on your home screens / pages / folders, and it takes time to sync them. The same goes for the music and pictures. But it starts you off with a clean slate! If you don’t have the time, you can just restore from your most recent backup of your device, which will be offered to you in the drop-down list.
  22. After you have chosen to set up your device anew, then this last moment of syncing won’t take too long. *Note: If you restore it from a backup, it will do it’s syncing at this point, and this will take a while, especially if you have lots of music, apps, photos, etc. You’ll have to just let it do it’s thing.
  23. Especially if you have set it up as a new device, it is at this moment I would suggest manipulating the syncing Options inside the Summary tab at the bottom of the Summary window, before you start determining music and photos and apps. These are the settings I suggest:  
  24. AUTOMATICALLY SYNC WHEN THIS PHONE IS CONNECTED > up to you. I do not keep this checked, I prefer to sync manually and have control over when my phone syncs (because sometimes I charge from my computer and do not wish to sync at that moment). But this is pure preference.
  25. SYNC THIS iPHONE/iPAD OVER WIFI. Also personal preference. I keep this box unchecked myself. 
  26. SYNC ONLY CHECKED SONGS AND VIDEOS. I keep this box unchecked
  27. PREFER STANDARD DEFINITION VIDEOS. I keep this box checked
  28. CONVERT HIGHER BIT RATE SONGS TO 128 kbps AAC. I keep this box checked
  29. MANUALLY MANAGE MUSIC AND VIDEOS. I keep this box unchecked. Now, this will prompt you with a dialog box which will say all music will be deleted from this device and replaced with music from this iTunes library. If you are setting up your device as a new device, then there is no music on it anyway, so there is nothing to loose. However, after you uncheck this box, you’ll need to go to the Music tab and change the settings — by default, it choose to sync your entire music library, and this will likely be much too large to fit on your device. You do NOT want to fill every last MB of space on your phone with music! Ideally you should have at least 20% free space on the phone for it to run as fast as possible. So, inside Music tab choose “Sync Music” and then below “Selected playlists, artists, albums and genres.”
  30. Go through each tab and make sure you are syncing only what you want: 
  31. Apps: choose the apps you want, and you can arrange them on screen and pages and folders right from iTunes. Folders can now hold more apps than before, you can have multiple pages of apps in a folder! This is nice for the clutter-conscious.
  32. Choose Apply or Sync on the bottom right after you make changes in each tab. It will sync, maybe take a long time depending, and then you can make more changes.
  33. Go through each top-menu bar tab and determine what you want to sync. Apps, Tones, Music, Movies, TV Shows, Podcasts, Books, Photos. Apply changes after you make changes in a given screen. 
  34. Photos. It’s a good practice to make albums in iPhoto and drag photos you want to sync to your device into those albums. then, in iTunes / Device / Photos, choose only those albums that contain photos you actually will use on the device. 
  35. Sync again at the end. 
  36. Finally, backup your device again in the Summary Tab > Manually Back Up Now.  This will give you a new backup after all your hard work setting up your newly updated iOS 7 device!

Feel free to contact me with any questions or concerns before, during or after the upgrading process! 

Flipboard for iPhone (& iPad)

Flipboard is a very compelling iPad application that just launched on the iPhone. It aggregates your social media content in a kind of personally-tailored digital magazine, where you can find your Twitter feed, FaceBook timeline, RSS feeds, etc, as well as specifically tailored news, information, travel, and lifestyle content, as well among many others.

For those new to Flipboard, here is a nice intro tutorial by my friends at iDownloadblog, definitely worth checking out.