The Heartbleed Bug, On Congress, The Secret History Of The EPA

Air Date:
Heard On Central Time

A former employee at the Environmental Protection Agency says the organization is poisoning our air and water with more chemicals than ever. Rob Ferrett and Veronica Rueckert talk to him about his time working for the government agency. They also check in with USA Today Congress and Politics editor Paul Singer about what’s happening on The Hill this week. And then, what’s the Heartbleed Bug and what can we do to protect against it?

Featured in this Show

  • Avoiding Heartache Of 'Heartbleed' Bug

    A newly discovered online bug has exposed millions of users to the risk of identity theft.

    The flaw, dubbed the “Heartbleed” bug by computer security researchers, could allow data thieves to gain access to personal messages, passwords and other information that was previously believed to have been safely encrypted.

    Unlike many past bugs which affected individual computers or individual releases of software, this bug affects what’s known as SSL software, which provides data security for a number of commonly used online applications. While there are no confirmed cases of identity theft related to the bug, it has been in place for two years on many servers — leaving a lot of data at risk over that time period.

    University of Wisconsin-Madison research programmer Nate Vack said one of the most frustrating things about the bug is that we can’t know whether anyone has taken advantage of it.

    “This doesn’t leave any traces in anybody’s log; it just looks like ordinary traffic to the rest of the world,” he said. “So there could have been evil people exploiting this for years and years.”

    Vack said this is a serious problem for anyone running a website, but that ordinary users shouldn’t panic.

    “I wouldn’t freak out about this,” he said. “Look at the emails that you’ve gotten from the services that you use and if they say, ‘Hey, we think you should update your password’ or ‘We think something has been leaked,’ take the actions they recommend.”

    He said this is a wake-up call for internet users that don’t take some basic precautions.

    “This reinforces that using the same login and password on a whole lot of websites is a bad idea,” he said, “because if one of these websites gives it up somehow, then people can get into all of your other websites.”

    Vack recommends creating different log-ins and passwords for different websites, and using password manager software to help keep track of them.

    He said the Heartbleed bug and other security issues point to the need to change the way the industry stores important personal data.

    “It is time to really think about how people architect stuff. Does this server really need to know all this information, can we minimize the amount of data we lose in the event of a breach?” He says segregating different types of data on different servers is more expensive, but can significantly lower risks.

    To check websites to see if they use the compromised software, Vack suggests checking out the LastPass Heartbleed checker.

  • What Is The Heartbleed Bug?

    Many woke up this morning to reports of the Heartbleed Bug, a glitch in online encryption software that could expose our personal data to hacking. What is this bug and how can we protect ourselves against it?

  • This Week In Congress – April 9, 2014

    USA Today Politics and Congress Editor Paul Singer joins Central Time for his weekly update on happenings in Congress.

  • Ex-EPA Employee Says Agency Turns Blind Eye Towards Chemicals And Pesticides

    A former employee of the Environmental Protection Agency says the organization is protecting polluters and failing Americans, and as a result, we’re poisoning our lands and waters with more chemicals than ever.

Episode Credits

  • Rob Ferrett Host
  • Veronica Rueckert Host
  • Nate Vack Guest
  • Paul Singer Guest
  • E.G. Vallianatos Guest
  • Marika Suval Producer
  • Galen Druke Producer
  • Chris Malina Producer

Related Stories