Protecting Yourself From the “Heartbleed” Security Flaw
You have some tech questions, I have some answers. Every Friday, I try to resolve these mysteries, succinctly and in plain language. Please send questions to email@example.com. Note that I won’t be able to diagnose your personal tech glitches and problems. I also reserve the right to edit questions for length or clarity, and to combine similar inquiries.
Q. Reading about the “Heartbleed” security flaw leaves me confused. What can I as a consumer do to protect my data? Must I change all my passwords?
A. There’s very little any average consumer can do to ensure that her data is safe, because this extremely nasty security vulnerability directly affected servers of the websites you use, and not individual computers or other devices. Still, if hackers exploited it, experts say they could have stolen consumers’ passwords. Trouble is, even sites that now say they were affected can’t say for sure if anything was stolen.
The best thing to do is to wait until a site you frequent tells you it has patched the security hole, and then change your password. You can also check if a site is fixed or still vulnerable by typing its address into the online tool here, provided by the security company Qualys, which rates sites’ security by letter grade. If a site gets any variation of an A, I’d advise continuing to use it, but with a new password. If it gets anything less, I’d try and stay off of it for now and wait to change the password. (If you are an Apple user, the company says its operating systems and “key Web-based services” weren’t affected, but that doesn’t mean that sites you visit on Apple devices were unaffected.)
You should also consider this an opportunity to vary your passwords more, and make them longer and at least a bit more complex. You might also consider using “two-factor authentication” at sites that offer it, like Google. This is a system that requires not only a password to log in, but also a changing, randomly generated code that’s either sent as a text to your phone or produced by a mobile app.
Q. I have long used, and liked, a Mac laptop, but I have recently retired, and would like a new all-in-one desktop for writing. I see that I can get a Windows version for much less than an iMac. Would it be a tough transition, and what extra software might I need?
A. There are some very nice Windows all-in-one desktops, but the current Windows 8.1 operating system, which uses a tablet interface and touchscreen, might pose an adjustment problem for a Mac user. However, if you use only the desktop interface on the machine, which is very similar to previous versions of Windows, you should be able to make the change without much trouble. As for software, I can’t say for sure what you’ll need, but writers will usually want Microsoft Office, or at least Microsoft Word, which typically isn’t included in a full version on these low-cost PCs.
Q. I understand what Apple’s Photo Stream does, synchronizing the pictures I take on my iPhone with iPhoto on my Mac. But what’s a “shared” Photo Stream?
A. A shared Photo Stream allows you to invite other people — usually a small group of friends or family — to see pictures you select for the shared stream on their devices, as well. They can also add pictures to the shared stream. In effect, it’s like a small, private social network for pictures, complete with the ability of viewers to add “Likes” and comments. For instance, I have used it to share vacation photos with family at home, and a friend uses it to share baby pictures. You can invite up to 100 people to a shared stream, and include up to 5,000 photos. More information is here and here.