FeedBlitz and the Heartbleed vulnerability

We’ve been asked this a few times recently, so for the record: FeedBlitz isn’t vulnerable to the Heartbleed vulnerability.

FeedBlitz doesn’t use the platforms affected, and we don’t use OpenSSL for SSL encryption on our servers.

Does that mean you shouldn’t change your password here at FeedBlitz? Not exactly. If you use the same password here that you do on an affected service then maybe you should, yes.

But ZOMG. Can we talk a little about risk here, please? Do you hand your credit card to a waiter to pay for your romantic dinner? Do you give your card number over the phone when ordering something from a local business? If you have ever done so, you’ve willingly given your payment information to a complete stranger and probably thought nothing of it.

How risky is that?

Which is not to belittle the scale of the potential risk that Heartbleed poses to the Internet’s security infrastructure. But on an individual level, you’re probably more likely to have your wallet lifted at the next major league ball game you go to.  I’m personally currently unaware of any proven cases of this vulnerability having been exploited successfully for any kind of mass compromise.

Sturm, drang and panic. A heady, volatile and newsworthy combination to feed into the 24 hours cable news cycle.

How about some facts, instead of could haves and might haves. Wouldn’t that make a pleasant change?

As a  reminder, here’s the one thing hackers and phishers know: They get more mileage by phishing, spoofing and social engineering (i.e. pretending to be someone, or something you trust; or simply conning you into willingly handing over secret information).

Which segues nicely into my planned DMARC post, which I’ll probably get to on Thursday now.

Meet Phil Hollows


Phil Hollows is the founder and CEO of FeedBlitz, the email marketing and social media automation service, and premium FeedBurner alternative. After graduating from Oxford University in 1987, Phil built on his high tech, consulting, and marketing leadership experience, and by 2005 the seeds of FeedBlitz were germinating. Private equity investment followed shortly thereafter, and the rest - as they say - is history. He also authored "List Building for Bloggers" {ListBuildingForBloggers.com}, outlining proven email strategies to build your audience, increase engagement, and grow your income. Pre-FeedBlitz, Phil was vice president of product marketing for enterprise network security management company OpenService (now LogMatrix), and vice president of technology at the web testing company RadView Software.


1 comments
IanCox1
IanCox1

Thanks for the timely reassurance.