Latest Show

Latest Show Details

Play Latest Show button Download show now button Subscribe to FrequencyCast in iTunes button Podcast RSS Feed button
Show News!

We don't send spam and you can unsubscribe at any time.

FrequencyCast RSS Feed FrequencyCast on Twitter FrequencyCast on Facebook

 

FrequencyCast Show 99 Transcript

Transcript from FrequencyCast Show 99.

Listen to, or download, FrequencyCast Show 99 (31 mins)

Play Show button Download show now button Subscribe to FrequencyCast in iTunes

 

Trqanscript - The Heatbleed Threat:

 

Pete:

Well Kelly, FrequencyCast – show 99. How are you?

Kelly:

I'm very good, Pete – how are you?

Pete:

Well, I'm a little tired, because you've got me recording at nine o'clock on a Sunday morning, and I don't do nine o'clocks on Sunday mornings.

Kelly:

I don't think many people do nine o'clocks on Sunday mornings, but you know I'm a hard taskmaster, so you're out of bed.

Pete:

I'll tell you what, the roads are quiet at nine o'clock on a Sunday morning, aren't they?

Kelly:

Yeah, people aren't even out for their bacon butties yet.

Pete:

Anyway, we're not here to talk about Sunday morning, or bacon butties (oh, I want one of those now). What we are here to talk about is Heartbleed, which, of course, is the big tech story of the moment. Have you been affected? Do you know much about it?

Kelly:

I haven't been affected.

Pete:

That you know of?

Kelly:

Well yes, that I'm aware of, but I have seen a lot about it. Obviously mumsnet's the key one that kind of went down.

Pete:

It didn't go down. What happened is, the CEO's account was hacked, so she was posting things that she shouldn't have been, and it was all a bit messy. But let's just back up a little bit, and talk about what Heartbleed is. It's sort of a bug. What's weird is, it's got its own logo and website.

Kelly:

Well surely, it's just a simple change of password, like everything else, no?

Pete:

No, it's worse than that. Let me explain what it is. It's an OpenSSL bug that affects the TLS.

Kelly:

One of those.

Pete:

Exactly, yeah – you know how to fix that yourself, don't you? So it's actually the Transport Layer Security, the bit that deals with secure communication between a computer and a computer server, and there's an exploitation that was discovered right at the beginning of April, but it went public. If you use this exploit, you can log onto a website and extract user names and passwords, and it's invisible to the server, so you can't tell that you've been hacked.

Kelly:

Well, that's not good.

Pete:

And it affects about, something like 17 or 18% of all of the computers on the internet, all the servers on the net, which is something in the order of half-a-million servers are vulnerable to this. Now, a lot of them are patching it, and most of them have been patched now, but the exploit was out there, so there is a risk that some of these servers have had password information already stolen.

Kelly:

Have you been affected?

Pete:

Well, this is the thing is, you don't know. What you have to look at is a list of all the services that you use, and whether they were potentially affected or not. So none of these companies are saying, hey yeah, we were definitely affected, but what they are saying is, we were using a bugged version, so could have been affected, so it's in your advantage to change your password anyway.

Kelly:

The amount of things you use on the internet, to actually go through and check everything individually – well, I guess everyone should just change their password.

Pete:

But I don't know about you, I've got about a hundred things I've signed up to over the last ten years, and I don't really want to trawl through 100 websites, and change it. But it's some of the names of the companies that may have been affected that's a bit of a concern. Now you mention mumsnet, that was the one that got in the papers, but the companies that are advising that you change your passwords are: Amazon web services, which is quite an important one; Pinterest, which I know is one you use?

Kelly:

It is indeed, and Dropbox.

Pete:

Dropbox has been potentially affected; Google, which of course, is Gmail and YouTube as well, with them. Then Yahoo!, Flickr, Netflix, SoundCloud, SourceForge and Wikipedia. So if you've got user names and passwords with any of them, you want to think about changing them, just in case.

Kelly:

Well, I think that's the majority then, of the country.

Pete:

There's a fair number affected, so it's a tricky one. This is actually being billed as potentially the worst security problem that the internet has had, and it doesn't just affect servers either – it can affect computers. The worrying one is people with Android phones. The Android 4.1.1 operating system, Jellybean, there's 50 million of those, and they've got the bug.

Kelly:

Marvellous. As an Android user, that is exactly what I wanted to hear – thank you very much.

Pete:

Exactly, so it's worth checking up on this. Heartbleed.com – do do your research, and have a look. What I found as a result of doing this, though, is – changing your passwords does make sense, and I'm looking at a service called LastPass, which is rather good. What it does is, it sits on your computer, and it manages all your passwords for you, so you go through and change all your passwords, you don't have to remember them all again – LastPass will remember them for you. There's a few of these out there – LastPass I'm playing with. There's also one called KeepPass, and 1Password, and it does take the hassle out of remembering and changing your passwords, and this LastPass looks at who you've got accounts with, and recommends whether or not you may need to change them because of Heartbleed, so it gives you a bit of a prompt.

Kelly:

But if what they get hit by Heartbleed?

Pete:

Well, it's funny you say that – LastPass were potentially affected! However, because of the encryption that they use, and the fact that your passwords aren't stored on their machine, they're stored on your machine, even if the transport was affected, the data wasn't, so they're still secure.

Kelly:

You may have got yourself out of that one – well done.

Pete:

Straight after the show, we're changing passwords – right?

Kelly:

Yeah, and that's going to be my Sunday ruined.

Pete:

Right, we've just had a quick tea break to keep us awake, and you made me a lovely cup of tea – thank you for that.

Kelly:

That's okay – I always do.

Pete:

What high tech product did you use, to make the tea?

Kelly:

A kettle?

Pete:

Now, I have discovered the improvement to the kettle that should have been done yonks ago. Kettles, as you probably know, they're very thirsty power-wise, and there's all this thing about, you boil too much water, and how much you spend a year boiling the kettle, and you should only put the right amount of water in to be environmentally-friendly, and everything else. I discovered a product that I'm amazed hasn't been invented yet.

Kelly:

Erm, no.

Pete:

When I tell you, you'll kick yourself. You know the thermos flask?

Kelly:

Oh, don't be ridiculous!

Pete:

Think about it – you boil your kettle, and the water says hot in the kettle.

Kelly:

Yeah, but it won't, not for that long. Even in a thermos flask, it doesn't last for that long.

Pete:

But it's not the point – it's the fact that the water at least stays warm, so when you do reboil it, it's half-way there already.

Kelly:

Surely we should just be done with kettles, and all installing a hot tap?

Pete:

Well, there's those Tefal things that do water on demand, but let's face it, we all use kettles. We all let it boil, and then we let the remainder of the hot water just sit there and slowly go cold – why not keep it warm?

Kelly:

Because you're unlikely to have a second cup?

Pete:

I am.

Kelly:

No, Pete. I think this is silly.

Pete:

I think it is the most obvious product that should have been around for a long time. It's just an insulated flask that you boil.

Kelly:

But it won't keep it hot enough for you to make your next batch of tea.

Pete:

Well, this one will. This will keep water hot to 80 degrees C for two hours, or 65 degrees C for four hours, and even if it may not be, after four hours it's not hot enough to make a really piping hot cup of tea, at least you're half-way there, and you don't have to reboil from cold to hot again.

Kelly:

I don't know that I believe you.

Pete:

Seriously, this is a brilliant idea. It's the Vektra vacuum kettle. It's the world's first thermally-insulated kettle, very energy-efficient, and the other thing is, the body of the kettle doesn't get hot, so you don't get a hot kettle to worry about touching.

Kelly:

That works, I can understand that.

Pete:

And they've done the maths on this. A three-kilowatt kettle, which is your standard type of kettle, would cost you, by their calculations, £3.58 per month to make however many cups of tea they're talking about. With one of these Vektras, we're talking £1.61, so it's a pretty good saving over the course of a month.

Kelly:

I think it's quite pointless.

Pete:

Someone please, get on the Facebook or the Twitter, and tell me I'm right. This is just something that should have been invented years ago, and it's finally out.

Kelly:

I don't believe that people are in their houses enough to warrant keeping water warm for God knows how many cups of tea, for four hours.

Pete:

Well, you're weird. I'm drinking tea all the time, and talking of that, my cup's empty – any chance of a fresh one?

Kelly:

Not a chance.

Pete:

We're now going to talk about Facebook. Now, you're an avid Facebook person, aren't you?

Kelly:

I am, yes.

Pete:

They've been buying companies again. Do you remember who they bought recently?

Kelly:

They keep buying everybody. They bought WhatsApp, they bought Oculus?

Pete:

Oculus, of course, the virtual reality headset. That we'll come onto later, because we had a go at that at Gadget Show Live, didn't we?

Kelly:

We did indeed.

Pete:

But they've bought somebody else. They've bought a small company, I must admit I'd never heard of, called ProtoGeo – have you come across them?

Kelly:

I've not come across them.

Pete:

Okay, fitness tracking – you know the Fitbits and the Fitbugs, and all the rest of it, they have an app for smartphones that does your calories and your steps, and Facebook has acquired them, so guess what'll be coming to Facebook soon?

Kelly:

Oh, it's soon going to be our fitness gadgets loaded up onto Facebook, is it?

Pete:

I think it is. I think your Facebook status will be, "I've walked x number of steps, and burnt off x number of calories." That's clearly where Facebook's thinking about going, which will be interesting.

Kelly:

Will it also do an alert of, I'm a lazy bum, I'm a lazy bum, if I haven't done anything?

Pete:

In a funny sort of way, if you are looking to lose a few pounds, I guess telling your social network how you're getting on might either embarrass you into doing more, or be a good way of getting a bit of support and praise, but I'm not convinced I like the idea myself.

Kelly:

I think Facebook is starting to take too much, and it's unnecessary. I mean, I don't know if you've also seen that they are trying to acquire a new payment system like PayPal, so you can start paying your friends to kind of get rid of the whole online banking to an extent as well. But it starts to become unnecessary – you put everything into that one system, what happens if that goes bust?

Pete:

Or gets Heartbleeded?

Kelly:

Well exactly, and you've literally got everything there, haven't you? – your fitness data, your bank details; all of your personal data, where you are; I mean, it's too much.

Pete:

I'll tell you what – shall we switch back to MySpace?

Kelly:

That might be a bit much!

Pete:

Or what about Friends Reunited? – remember them?

Kelly:

Oh my God! – Friends Reunited! Do you remember Bebo? Bebo was the one before MySpace, I'm sure.

Pete:

But Friends Reunited was where it all started. I think I've still got an account with them.

Kelly:

That's so funny. I wonder if people actually still sign up to that?

Pete:

If you do, let us know, and we'll be your friend on Friends Reunited.

Kelly:

Yes, absolutely.

Rest of transcript coming soon

 

Listen to, or download, FrequencyCast Show 99 (31 mins)

Play Show button Download show now button Subscribe to FrequencyCast in iTunes

 

 

More information:

 

Share This Page:

facebook twitter digg stumble technorati