The Heartbleed Bug

A flaw in the encryption system used by many popular websites is being seen as one of the biggest security threats the internet has seen so far. We have seen no indication of any issues caused by this security flaw on any Cal.net service, and Cal.net has patched any affected servers. Below is a list of services, and whether or not they were affected.

Cal.net Affected Services
Other Popular Affected Services
Security Advice

Cal.net Services Status

Service Name Affected? Patched Action
cPanel Webhosting Server Affected Patched Login to the control panel and change your password
Cal.net Bill Pay Portal Unaffected Not Needed No Password Change Necessary
Cal.net Mail Incoming Unaffected Not Needed No Password Change Necessary
Canit Anti Spam Login Unaffected Not Needed No Password Change Necessary
Cal.net Mail SMTP (Outgoing) Unaffected Not Needed No Password Change Necessary
Cal.net Mail Incoming Unaffected Not Needed No Password Change Necessary
Directcon.net Webmail Unaffected Not Needed No Password Change Necessary
Directcon.net Mail SMTP (Outgoing) Unaffected Not Needed No Password Change Necessary
Directcon.net Mail Incoming Unaffected Not Needed No Password Change Necessary

Other Popular Services

You can find a list of other popular services, and whether they were affected at

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Security Advice

Imagine you use the same key for your home, your car, work, your storage unit, and your safe deposit box. Now imagine that key looks like this

Angelo_Gemmi_simple_key

A password is essentially a digital key, and by using the same simple password on multiple sites, a situation is created where if the password is compromised (the criminal gets a copy of your key), he then has access to your entire online life, the digital equivalent of the all the things our simple key opens in this example. There are some simple, if inconvenient things you can do to prevent this.

  1. Use a password manager like LastPass or KeePassX.
  2. Use different passwords for every site that requires a password.
  3. Use random, long passwords,  the above listed programs will generate them for you.
  4. Change your passwords periodically.

Following this advice will limit the damage done, and the time, money, and effort it takes to recover from a security breech.