{"id":985,"date":"2014-04-19T08:22:50","date_gmt":"2014-04-19T12:22:50","guid":{"rendered":"http:\/\/bruji.com\/blog\/?p=985"},"modified":"2014-04-19T08:22:50","modified_gmt":"2014-04-19T12:22:50","slug":"heartbleed-bug","status":"publish","type":"post","link":"https:\/\/bruji.com\/blog\/2014\/04\/19\/heartbleed-bug\/","title":{"rendered":"Heartbleed bug"},"content":{"rendered":"<p>By now, you might have heard of this thing called the <a title=\"Heartbleed bug\" href=\"http:\/\/mashable.com\/2014\/04\/11\/mashable-explains-heartbleed-2\/'&gt;Heartbleed bug\" target=\"_blank\">Heartbleed<\/a> bug, which is making the rounds on most Internet news sites.<\/p>\n<p>The truth is, it&#8217;s not as bad as it sounds. The vunerability was pretty bad, but in practice, for any of our users the risk was minimal.<\/p>\n<p>First,<strong> the bad news<\/strong>: some of your data <strong>might<\/strong> have been exposed to anyone sniffing our traffic. The operative word here is <strong>might<\/strong>. Chances are very, very slim that any sniffing took place, plus this was not a breach in our database, they didn&#8217;t have access to any of the data we keep there (user name and email address, if you provided one) they would only been able to grab your password if they were sniffing online at the actual time you logged in. Think about it, with the trillions of web pages out there, the chances of someone actively sniffing Doghouse pages are what? A quadrillion to one? \u00a0An\u00a0<a href=\"http:\/\/en.wikipedia.org\/wiki\/Names_of_large_numbers\" target=\"_blank\">Octodecillion<\/a> to one? Something crazy anyway.<\/p>\n<p>As I say, extremely unlikely.<\/p>\n<p>The <strong>good news<\/strong>:<\/p>\n<ol>\n<li>We have patched all our systems so the Heartbleed bug is no longer an issue.<\/li>\n<li>If you are worried about this bug, change your password in Doghouse. <a title=\"Change password\" href=\"http:\/\/bruji.com\/change_password\/\" target=\"_blank\">Here&#8217;s a link explaining how<\/a>.<\/li>\n<\/ol>\n<h2>Which services were affected?<\/h2>\n<p>Only <a href=\"http:\/\/doghouse.bruji.com\" target=\"_blank\">Doghouse<\/a>, and only when you contribute any data from the Pedias or when you logged in to admin.bruji.com or doghouse.bruji.com (they&#8217;re the same page). If you only use Doghouse for searches and have never contributed any entries you have nothing to worry about.<\/p>\n<h2>What data do you store?<\/h2>\n<p>We only store your <strong>user name<\/strong> and your <strong>email address<\/strong> if you provided one so we can communicate with you if the need arises. We never sell or expose your data to anyone, ever, under any circumstances. You can view our privacy policy <a href=\"http:\/\/bruji.com\/about.html#privacy\" target=\"_blank\">right here<\/a>.<\/p>\n<h2>What about my password?<\/h2>\n<p>Your password is stored with high-grade encryption and looks like this:<\/p>\n<p>e8afdd90d1dec343128b090e39e77eb08f859d4d78ce88262db6fb8f3d9a314ab7a486508567c21ded896bf3c32048fa6abd8987b5d57a1f46fcf6441a30d59a<\/p>\n<p>That doesn&#8217;t mean that even if someone got a hold of it they could use it to login with your username because we also use an added security measure appropriate called a salt and there is no way to reverse this encryption to figure out what the password really is.<\/p>\n<p>But, I repeat, nobody but us has access to this data not even through the Heartbleed bug.<\/p>\n<h2>OK, this sounds good, but I&#8217;m still worried, what should I do?<\/h2>\n<p>Just <a title=\"change password\" href=\"http:\/\/bruji.com\/change_password\/\" target=\"_blank\">change your password<\/a> if you use it elsewhere and are worried someone might have caught it as you were logging in and you&#8217;ll be fine.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>By now, you might have heard of this thing called the Heartbleed bug, which is making the rounds on most Internet news sites. The truth is, it&#8217;s not as bad as it sounds. The vunerability was pretty bad, but in practice, for any of our users the risk was minimal. First, the bad news: some [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-985","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/posts\/985","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/comments?post=985"}],"version-history":[{"count":6,"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/posts\/985\/revisions"}],"predecessor-version":[{"id":993,"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/posts\/985\/revisions\/993"}],"wp:attachment":[{"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/media?parent=985"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/categories?post=985"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bruji.com\/blog\/wp-json\/wp\/v2\/tags?post=985"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}