The Heartbleed Security Issue is here. I tried out the Leap Motion controller last year; it’s a “hands free” device (small box) the connects to Mac and PC computers with accompanying software where hand gestures look to replace the traditional computer mouse during interactions.
This service recently sent me the following notice regarding the Heartbleed Security Issue:
Hello,
At Leap Motion, we take your account security very seriously. On Tuesday, we were informed of a major vulnerability, dubbed Heartbleed, within one of the Internet’s main security protocols. A great number of services across the internet – including Airspace – may have been affected by this issue.
Since learning of the vulnerability, we’ve been taking the proper measures to ensure the security of Airspace, and the bug has been patched. Our customers’ payment information, including credit card numbers, were not affected by the bug. We also have no indication that any data was compromised.
Nonetheless, we encourage you to change your Leap Motion account password. If you have any questions, please reach out to our customer support team.
Thanks,
Leap Motion
Codenomicon and Google Security found the issue throughout widely used website technology that use OpenSSL protection/encryption (e.g. https://…). In a nutshell, the Heartbleed security issue means that the closed padlock you usually see in your browser’s address bar — the one that tells you that your connection is secure — has been compromised. Heartbleed made it possible for its users to access your supposedly encrypted information.
Leap Motion certainly isn’t the only service that uses https, and they aren’t the only company that is worried about whether their files were compromised. Without knowing the full facts, it’s hard to know whether to let companies fix this issue or spend the time changing several personal Web accounts. Users can try a Heartbleed test, can look for company notifications, and can change their Web account information, which is definitely a way to proactively boost security.
What do you think of this Heartbleed security issue? Time to panic, or should we wait and see?
I’m not panicking, but it’s always annoying when you need to go through and change passwords for services, particularly when they are not all that critical and their use doesn’t really expose personal info. The read later service Pocket sent an email suggesting an email change. I did it, but now that means that a bunch of apps on my iPad need to be reconfigured. It’s more annoying than anything, and, what’s the worst that can happen? Other people can access or read material I’ve saved for myself to read later?
Still, I change the PW and go through the annoyance. Perhaps more annoying than Pocket are the services that I know were susceptible to compromise but that have not sent any notification to their users – Yahoo mail, I believe Google as well. At the very least we users deserve notification, right? At least Pocket, ITTT.com, Lastpass, and 1Password have let me know where their services stand.
Nice points. Yes, a necessary annoyance if we want to use the technology. Definitely a customer service test right now for these well varied companies.