[LINK] The Heartbleed Bug in OpenSSL

Jan Whitaker jwhit at internode.on.net
Wed Apr 16 10:18:45 AEST 2014


At 01:34 AM 10/04/2014, Rick Welykochy wrote:

>The Heartbleed Bug has been plaguing Apache and nginx web servers
>for a couple of years.

Just did a bit of research on this re the trickle out of more info 
about the bug: affecting Android devices. Turns out the largest user 
base, Jellybean 4.1.1 is affected and still no patch.
http://www.androidtablets.net/forum/android-tablet-news-depot/66538-heartboned-why-google-needs-reclaim-android-updates.html

This happens to be the version installed on the inexpensive tablets 
from Aldi (I bought one late last year). Plus the Google staff are 
only saying they will advise their Android partners. All well and 
good, but how will those partners advise their end customers, like me?
http://googleonlinesecurity.blogspot.com.au/2014/04/google-services-updated-to-address.html

I have changed some passwords on critical accounts, like gmail which 
I hardly ever use, but is my Google overall password because of their 
integration approach, and Amazon. But if the os is buggy, doesn't 
seem like that's worth much now/yet/

I've never had to update an Android system before, so have no idea 
how that happens. Apps seem to take care of themselves automatically, 
but Android???

Any further advice? I can't seem to find what I'm looking for on this 
beyond the above. (whirlpool doesn't address it yet, for example)

Jan



Melbourne, Victoria, Australia
jwhit at janwhitaker.com

Sooner or later, I hate to break it to you, you're gonna die, so how 
do you fill in the space between here and there? It's yours. Seize your space.
~Margaret Atwood, writer

_ __________________ _



More information about the Link mailing list