"An Open Mind" with Angela Hill
Text Us: 870870
Studio: (504)260.1870
WWL>Topics>>4-11 9:45am Tommy, big online breach

4-11 9:45am Tommy, big online breach

Apr 11, 2014|

Tommy talks to Jason Glassberg, the co-founder of Casaba Security, about the Heartbleed bug

Related Audio:

  1. 12-18 9:10am Tommy, Jindal's political aspirations?

    Audio

    Thu, 18 Dec 2014

    Is Gov. Jindal looking to life after Louisiana? Tommy talks to Josh Stockley, an Assistant Professor of Political Science at ULM, about Gov. Jindal.

  2. 12-18 8:15am Tommy, the Great Fruitcake Debate

    Audio

    Thu, 18 Dec 2014

    Fruit cake....love it or hate it? Tommy talks to Dave Haydel with Haydel's Bakery about fruitcakes

  3. 12-18 7:15am Tommy, would you go to Cuba?

    Audio

    Thu, 18 Dec 2014

    Did Pres. Obama do the right thing by opening relations with Cuba? Tommy talks to Peter Maer, CBS Radio News White House Correspondent, about the thawing of US/Cuban relations

  4. First News 6am

    Audio

    Thu, 18 Dec 2014

     

+

Automatically Generated Transcript (may not be 100% accurate)

Appeared about as hard lead blog or a virus or whatever it is good. Once again it's people's monopolies that late at night the finally street with your computer where. We -- is trying to work and pay your bills -- -- covered joins us right now co-founder of this public security of friend who's been on this. The -- height on Jason. -- Tell me about it is hard lead -- virus. In words that we can understand I guess late how could it happen. The likelihood of something like this happening moving forward and you fix it and we and as people -- accounts actually at -- get involved in this know. You -- -- do it is that there's actually quite serious wall. -- -- would be considered a vote and not necessarily Myers is something that wouldn't. Inadvertently programmed into the answer L article that -- L is the eat the the protocol level. Web. Traffic to communicate encrypted so this is the need Betsy you'd use eagle on your ranking. Of -- has basically scramble your traffic. So that people can't just read. Now that the problem here is that it is day law with the servers of the Internet and not necessarily your machine. So fixing it is not an issue of and uploading -- It's really matter. Companies that you connect to upgrade their services later urged -- Bet that they'll. And optics from the servers on there and. So for those of us Jason who you know barely understand the concept of Ctrl+Alt+Del. -- caucus. And stuff like this have happened when people that. You talk and things of such a magnitude in such importance how how could they not. Anderson and amassed in my own. Yeah I knew I knew I do you know quite frankly that result -- Computers are complicated the Internet is complicated. And to all of this complex city. People tend to make mistakes. And quite frankly you know you're you're talking about it an application of a program that probably hundreds of thousands of lines of code. Al within those hundreds of thousands of lines unfortunately once the oil and human beings and make mistake and it -- the root cause you're ultimately. There's someone made a small mistake. When they were program. It was very well hit it. And someone roundly abused and because they can -- it. Calm you or your private information and -- So it is not that area in the sense that someone went out and -- -- -- us trouble it's a problem because there was a mistake and the mistake because it. So how does a mistake like this get discovered are there people like I was saying earlier that. Got nothing to do but sit around for hours and hours and and look for ways to -- other people up via computers. Well you know it. Yes but in this case it was found by. -- Google because -- you can imagine Google has a vested interest in in keeping unit -- And so they hired me as a security researchers to go out there and constantly look -- code that they on the books used to see if there's a call. Is like so and wanted almost like yourself on -- Exactly exactly that constantly -- -- the awkward that they use to make sure that they -- not introduce any any vulnerability to the Internet. So in this case it's actually the good guys down. And the good guys to warn companies that this was -- so it indicate that of security work in the betterment of people. Now unfortunately -- flexible on is gonna require you know quite a bit of work out for all of these generic companies. But you know at the end of the day it didn't sound like good guys in the back. So there's no evidence that that this is insecurity has been breached anything's been stolen. No direct evidence unfortunately. On C park would work it doesn't see much of -- now. What I. -- -- -- kind of be the master reported critical outlawed like we did after the party reached. It will probably has not been widespread in in terms of -- unfortunately now that it's out there and people know about it. The chances of being -- -- a much. Yeah I don't know why date they announces before they headed six that it just leaked out. It is a bit of controversy. On independent security. Or released the findings that there investigation which supposedly was. Separate from -- -- -- all of -- who was working with these companies to try -- resolve all -- quiet. Of the and other both came out and announced the issue. The normal course of events -- -- around the sort of the vendors notified the band marched. Once everything it's cracked and people were told that didn't quite work out. Let me know it is not an accurate. Analogy -- -- -- like you know threatening noises being -- securities system. And if you walk next in the garage do you want right now thank -- are in -- -- So day they find this out right confides to a neighbor and in Reno so street everybody knows how to get difference. I'd tell me what we as consumers need to do. To fix it though Earl what kind of accounts it Whitney hand where. Maybe they not have and they may be vulnerable listening odd because like you use it you don't know who went in correct. Right you don't know now because of the nature of this problem in the fact that it affects servers on the back. Of the Internet and not necessarily your workstation. There's nothing you know that the person continued to actual machine normally would -- outlook -- chip the Internet virus local law. Yeah you can't do that. It's a little bit more complicated but the seriousness of this social people really don't need to go -- the steps but the first thing you need to do -- -- it too. To contact. Or verified that the person you're connecting to -- each day your bank your email. They have implemented -- -- six -- number of sites on the Internet you can get to a quick search for our league picks. That would let that some of the commonly -- that patched. -- bit vulnerability. -- -- You have Yahoo! mail through AT&T then you checked Yahoo! not AT&T. -- you can -- they are there a third party site that you can just -- just the search would being a global whatever people of compiling lists. A popular Internet site to -- -- -- to lift to -- who've done that that the packs this book. -- and we'll run at a time when those. So once you that you're gonna need to -- you know need to change all online at work I it's down like an incredible burden. But the fact of the matter is that this -- potentially expose your password every time you log into one of. -- so -- recurrence over every password you have on the Internet if it's three kids want to count if it's that one. Yet. And that and and it is serious enough that it is not you know and the Cuban people to rival. Vick is really the bit just in nature. And -- -- of the of this vulnerability such that people need to what you shall confirm that the psyche to connect to. I have updated and patched and yet he didn't need to change in equipment. Let you go if you -- Vietnam. July. One password one size fits all and it's going to be alpha -- upper case lower case is -- a bad idea to have just one and eventually you may remember these 101112 characters. Well you know it is a bad idea -- this very purpose because of one site gets compromised and every site reconnect to what I've -- pats were so we recommend having quite a number of outward. The best -- it -- to handle that -- use one of these password walkers were you can go and you can store your password. Encrypted on your computer. And so you have a variety of passwords were variety of services but you always want to make sure you have more than one because of one -- compromise -- not everyone has. Crazy Jason appreciate your time related. All -- and a great date Jason last word co-founder of this countless security which -- Internet security company.