ArtSites Updates

(posted on 9 Apr 2014)

The Heartbleed Security Vulnerability


There have been many news reports in the last day or so about a security vulnerability called "Heartbleed".​

This vulnerability affects websites that use a secure connection.

These have web address that start with "https://" instead of "http://". (Note the "s"! ;-)

As an example, you can reach a secure version of ArtSites.ca by going to https://ArtSites.ca.

Many websites, such as Facebook and Gmail, only allow you to use a secure version of them.

Analysis shows that about 17% of websites were actually vulnerable even though about 66% of websites were using the vulnerable software.

This difference is accounted for by the fact that most websites did not have a specific feature turned on that caused the vulnerability.

For ArtSites, we were using the software but had NOT turned on the features that would make websites vulnerable.

So, you DO NOT have any issues to worry about related to this problem on your ArtSites website.

The next question that might come to mind is "how do I deal with this issue on other websites?"

Every website that you use should issue some kind of statement as we have done above.

Some will ask you to change your password.

Others may say that they were never vulnerable so nothing needs to be done.

If you do not see such a statement related to a website that contains information about you that you care about (i.e., a bank, web email, etc.), your best course of action is to change your password.

[Update - April 22, 2014: There have been some major websites where we'd recommend you change your passwords. Here's a fairly extensive list to check to see which ones may affect you.]

If you have any questions about this, please don't hesitate to contact us!

Company