Tag Archives: security

TechTeam, Volunteers

NFN Scholarship Student Jason Cooper National Cyber Ninja

Leave a comment

Our fellow Naples Free-Net volunteer and scholarship student 2013, now student at University of Central Florida, Jason Cooper, won with his team mates the National Collegiate Cyber Defense Competition!

The regional competitions were held in March with 180 team out of 9 regions participating and the winner went on to compete at the National level.

Competing teams built so-called Blue Teams tasked with defending computer systems against attacking Red Teams, which tried to penetrate and hack the Blue Teams’ networks and servers.

We are proud to have a national champion amongst our midst and Jason returned home to join the NFN Techteam he volunteered for the last four years.


Read the announcement at Raytheon’s website

 

System Notes, Technology News, TechTeam

NFN users and NFN4Good site owners secure from Heartbleed bug on Open SSL

Leave a comment

The good news first, our system administrator , Warren Anderson, reported earlier: “

Warren Anderson Presidents Award 2014“The “Heartbleed” bug affects OpenSSL versions 1.01 and 1.02. Naples Free-Net does not use the affected software. External tests have shown that we are not vulnerable.”

In other words, NFN users information is securely stored and was not exposed.

Mashable posted: The Heartbleed Hit List: The Passwords You Need to Change Right Now

Thank you to Steve Hart, who allowed us to use his article, published this morning on Relevanza.

Heartbleed bug on OpenSSL is an open wound

You’ve no doubt read about the Heartbleed bug that could affect websites using OpenSSL encryption for secure services – like financial transactions.

There is certainly no shortage of posts about the bug and it presents potential danger for some websites. An estimate published by ARStechnica suggests approximately 600,000 of a reported 28 million servers and other devices responding to a SSL connection request remained vulnerable to the Heartbleed bug. That estimate was made April 8th and at the time it was suggested a third of all servers had received a security patch to fix the vulnerability.

Other estimates suggest two-thirds of all servers dependent on OpenSSL have the potential to be affected.

OpenSSL is an open-source system of software networks which works to encrypt just over half of all websites which need secure connections to do business. SSL stands for Secure Sockets Layer and if your website URL adds an “s” to the http preface on the URL – https – you are probably using OpenSSL.

HeartbleedThe Heartbleed bug, as it’s come to be called, is a recently discovered vulnerability in the software that could allow hackers to access sensitive, important encrypted information such as passwords or, even, credit card numbers on the way from your computer to the web site using the data. There is currently no way to know if any particular site has been exploited because of the flaw but companies are moving very quickly to make patches and mend the flaw.

There are at least two sites (probably others) website users can go to check a site for vulnerabilities. One site is was set up by the security firm, LastPass. Another site was set up by Filippo Valsorda, Twitter and GitHub and can be found here.

Links reading more:

Photo: The Mothership by Trey Ratcliff, StuckinCustoms.com