Skip to main content

This Heartbleed Bug is going to turn me into a hermit

Screw it. I’m done.

Someone buy me a rotary phone, a copy of the Yellow Pages, and a box of paper checks. Nothing online is safe anymore.

Recommended Videos

This is how I feel after dealing with the massive Heartbleed OpenSSL bug for the better part of a week. For two years, a majority of websites, mobile apps, operating systems, and Internet services we all use — and as a tech reporter I use way too many of them — have been open season for hacking, all thanks to a tiny error in a few lines of code in an open-source security protocol. All of our logins, passwords, credit card information, personal data — everything; it’s all out there and may have been for a while. Even Gmail was vulnerable. Facebook, too. The problem is so vast that we’re discovering new equipment and software every day that’s going to need patching and fixing. It makes Y2K feel like a fart in the wind.

The worst part is, there’s absolutely nothing we, as users, did to cause this, and we’re powerless to protect ourselves. We just have to sit here and hope we don’t die of this Heartbleed bug.

We shouldn’t call it a “bug” at all. It’s more like the horde of locusts from the Book of Revelation. Sadly, even the Bible was more optimistic than what’s ahead for the Internet. Those locusts only tormented the Earth for five months. I doubt we’ll be so lucky.

Security advisors are telling us crazy things like:

  • Don’t reset your passwords until services have been patched
  • Reset all your passwords once a service is safe, just to make sure
  • Don’t visit any affected websites
  • Don’t use any affected smartphone apps
  • Don’t make purchases online until this clears up
  • Call all your banks and services to see if they’re affected by this

The problem is that there’s no way to even know if a website or app is affected by this bug without using a search engine like Yahoo, Google, or DuckDuckGo (all of which were also hit by this bug), or downloading an app from Google Play (also affected). Most of us probably can’t find a phone number without a Web search. And the links you’ll find in these search engines might be to sites that are vulnerable themselves. Or you could find out from your email, which has probably been compromised itself.

Few companies are taking any real responsibility either. Google quietly admitted on its blog that any person with a phone running Android 4.1.1 is vulnerable to this problem, but didn’t say which handsets except admitting to DT via email that it “estimate[s] use of Android 4.1.1 to be at single digit percentages.” Sounds small, right? It’s not. There are more than a billion Android devices in people’s hands around the world, meaning anywhere from 10 to 100 million people have a phone that is open season for hackers. And those phones might continue to be exposed for months, until the manufacturers, then carriers, of said phones release an update, and those users all install said update. When are the patches coming? Who’s affected? We don’t know. No company wants to take any blame.

When every service is a potential landmine and you’re running around blind, what other option do you have?

I am positive that there are at least a few dozen services I use that are compromised by this OpenSSL Heartbleed bug. Yet I’ve received only two emails from these sites warning me. One was from a European AirBNB competitor called Roomarama (thanks, guys!) and the other was from a finance app called Manilla. Manilla wasn’t even vulnerable, but they sent me a note to make sure I check other services.

So thank you to Roomarama and Manilla for notifying your users directly about Heartbleed. You’re a lot nicer than Google, Facebook, Yahoo, GoDaddy, TurboTax, Minecraft, OKCupid, Tumblr, Pinterest, Instagram, Dropbox, BlackBerry, Etsy, Fandango, GrubHub, Hulu, Steam, Netflix, and god knows how many other services out there.

How in hell I’m supposed to think up new passwords for all these services? I don’t know.

According to a Symantec report, 552 million people’s identities were exposed by corporate or government data breaches in 2013 that weren’t their fault. In 2012, that number was 93 million. What will 2014 hold? Will we hit a billion? How many times will I have to change my passwords next year?

Today, I will browse the Web, use apps, and do everything I normally do. I have no other option. When every service is a potential landmine and you’re running around blind, what other option do you have?

I just want to give up, move to a cabin, see if I can grow a beard, buy a shotgun, and defend my gated dirt driveway the old fashioned way. Digital life is getting so complicated.

[Image courtesy of Jens Ottoson/Photographee.eu/Shutterstock]

Jeffrey Van Camp
As DT's Deputy Editor, Jeff helps oversee editorial operations at Digital Trends. Previously, he ran the site's…
Samsung Galaxy Z Flip 7: the upgrade we’ve been waiting for?
Thre Flip 7 models next to each other

I never really thought that I'd want to go down the route of owning a flip phone, ever since I swore off my Nokia in the early 2000s (you know, the one with the weird felt covering and tiny notification window).

Fast forward two decades, and I'm considering rejoining the race, thanks to the Samsung Galaxy Z Flip 7. Coming in at $1,100, it's not cheap, but it's definitely something different compared to the world of black rectangles, and it it feels like Samsung’s Flip family has finally come of age.

Read more
I used the Galaxy Z Fold 7, here’s why I’m completely smitten
The back of the Galaxy Z Fold 7

We’ve waited several years for Samsung to join the party, but it’s finally here: Samsung has followed rivals like Oppo, OnePlus, and Honor in building a thinner, lighter, and sleeker Galaxy Z Fold 7. It’s an impressive feat of engineering and a major upgrade over previous years.

It’s easy to consider the Fold 7 nothing more than an update to the Galaxy Z Fold 6, but in many ways, it feels like a huge step forward, not just for Samsung but for all folding phones. I spent a few hours with the Galaxy Z Fold 7 in an exclusive preview, and here’s why I absolutely love what Samsung has done this year.

Read more
I tried the Samsung Galaxy Watch 8 series – they’re sleek, but with a lot to prove
Watch 8 on a wrist

Trying out the Samsung Galaxy Watch 8 and Watch 8 Classic is a tough gig - not in terms of it being a hardship to try out two high-end models, but that it's impossible to assess them with only 30 minutes’ use.

I can easily talk about the improved design and the fit of the straps etc, but the real changes are within the health ecosystem, and they'll need sustained testing to really understand if they're any good.

Read more