Monday, April 21, 2014

Yet More Digital . . .

Heartbleed is causing problems.
Password Management software stores user name and password for sites. For Hotmail, Hotmail user name and password. For GMail, GMail user name and password. The Password Management software do not mix these up. Also there is confidentiality.
One place the Password Management software do not work is the secured sites. Banking for instance. Here the user has to fill in the username and password manually. These sites work on SSL. Here, the data fed in are encrypted and decrypted at server. Similarly the data from server are encrypted and decrypted at browser level.
Programs had to be developed for utilising SSL features. So, OpenSSL standards were made.
Heartbleed exploited OpenSSL and the data was exposed.
Why did it happen? Encryption, Security are ever changing paradigms. The users of internet are expected to update their systems. Latest browsers are expected to be used. But an average user normally disallows automatic updates by software vendors and this results in malwares like Heartbleed. Because even though the server may be having latest security, the client browser may not. Therefore, only old security would work here. The Heartbleed fully understands this and manages to break the encryption and takes out the heart of information from the junk encrypted value. It enjoys the data fully and data is totally at the mercy of Heartbleed.
Windows 8.1 will be available shortly for phones. For laptops it was already there. Windows 8.1 in phones will mean Cortana assistant; more lockscreen messages from Windows app, say lockscreen reminder messages from reminder windows phone app; more user friendly features like better volume etc. Also tiles backround can be from an image.



sm said...

informative post

Kirtivasan Ganesan said...

thanks for finding useful, sm.

B. said...

we are having so much problem with this now.. got so many clients and so many websites and so many databases .. each needs user id password..

and with new rules coming of No paper .. it is becoming harder.. to store all these passwords


Kirtivasan Ganesan said...

Welcome back to my blog, Bikram.
I see. So this is how it is over there, is it?