With every bleed of my heart…

by | Apr 9, 2014 | 3 comments

The “Heartbleed” bug

Many of you have probably already heard about the security issue known as “Heartbleed,” which affects numerous Web sites and potentially other programs and systems that use specific versions of an encryption technology known as OpenSSL.

SSL (Secure Sockets Layer) is the protocol that scrambles or encrypts sensitive information that moves across the Internet, and this “bug” in OpenSSL means that any data sent between your Mac or iDevice and a Web site affected by the vulnerability could be intercepted and decoded (including passwords and credit card info).

Although no one is sure if the bug has been exploited or if any information has actually been stolen, it has the potential to be serious. I’ll let you read all about it here if you want to get all the gory details, but here’s the bottom line: While your Mac is not affected directly by this, many of the Web sites that you use on a regular basis might be.

It’s estimated that approximately 15-20% of all Web sites are affected by Heartbleed. I wish I could provide you with an updated list of these sites, but as of yet no such list exists. However, someone has put together a handy little online tool that lets you type in the Web address of any site and check to see if it uses the particular flavor of OpenSSL that is affected by Heartbleed.

The owner/operator of any affected site needs to correct the problem on their end; there’s nothing you can do until the site notifies you that they’ve addressed the issue. Changing your password isn’t going to help until they’ve fixed the problem, at which point you should then seriously consider updating your password just in case it was appropriated while the site was vulnerable.

So for your financial sites at least, if nothing else, I would do a little detective work using the tool noted above. For what it’s worth, GMail is not affected by this, nor is iCloud.com. If anyone wants to report back via a comment on which sites are safe, feel free. I’ll update this post if I get any new or useful info on the subject.

Office, ours

After a wait long enough that most of us figured it would never come to pass, Microsoft Office for the iPad and iPhone/iPod is now available for download. The software itself, as well as the pricing and licensing policies, are completely different for iPads vs. iPhones/iPods, and may not seem so favorable by comparison to Apple’s iWork suite of apps, but I’ll let you be the judge.

Here’s how it breaks down:

The app for iiPhone/iPod is known as Microsoft Office Mobile. It’s completely free to download and use as long as you’re willing to create an account with Microsoft with which you can sign in; without first entering a Microsoft account ID and password the app can’t be launched.

Once you’ve gotten past that hurdle, you’ll find you can open, create, edit and save Word and Excel files but, strangely enough, you can’t create PowerPoint files even though you can open existing ones, as well as edit and save them. Further, you can’t store Office files on your iDevice, so you need to use Microsoft’s OneDrive, OneDrive for Business, or SharePoint in order to really make use of this (20GB of OneDrive storage is included).

For your iPad, Word, Excel and PowerPoint are offered as individual apps. If you want only to view existing Office documents, you can use them all for free as long as you’d like. Assuming you might actually want to create or edit documents, however, you must subscribe to Office Home Personal for $6.99/mo. (covers one tablet and one Mac or PC), or Office Home Premium for $9.99/mo. (allows the use up to five mobile devices and up to five Macs/PCs).

If you happen to work for a company that already has an Office subscription for their business, you should inquire about using that. As with Microsoft Office Mobile, you can’t store files on your device so you’ll need to use OneDrive or SharePoint for that, and you get the same 20GB of OneDrive storage provided to iPhone/iPod users.

The actual iPad apps are generally getting rave reviews, although not everyone is as enthusiastic about the Microsoft subscription model. You can try the iPad apps free for 30 days, so I’d suggest at least taking a look if you feel that you really need the Office suite on your device.

Since the iWork apps (Pages, Numbers and Keynote) can open and save Office files, and they require only a one-time purchase with no monthly or annual subscription fees, they might be a better deal. Keep in mind, however, that they’re not as full-featured as Microsoft’s offerings, nor are they as capable of seamlessly opening, editing and saving an Office document while preserving every aspect of the file in question.

Mavericks: Ready. Or Not.

Back in early February, I wrote that I really couldn’t recommend any of you upgrading to Mavericks, and as of this moment my position hasn’t changed on that. There are still some major issues even after the 10.9.2 update, so we’ll see what happens when 10.9.3 is released, probably sometime later this month.

Those of you already using OS X 10.8 “Mountain Lion” really aren’t missing all that much, other that tabbed Finder windows, tags for documents and the aforementioned bugginess. If, however, you’re still running OS X 10.6 “Snow Leopard,” or OS X 10.7 “Lion,” you should think about moving up to 10.8–as long as your Mac supports it.

Those of you still on 10.5 “Leopard” should absolutely move up to 10.6 at a minimum (to eliminate the constant warnings about the Adobe Flash Player, if for no other reason), again assuming your Mac model supports that operating system.

If you’re not sure which model Mac you own, enter your Mac’s serial no. here. And if you don’t happen to have your Mac’s serial number handy, just go to “About This Mac” from the Apple menu, and from the About window, click twice on the line that indicates the system software version.

As always, feel free to drop me a line if you’re unsure which way to go here.

3 Comments

  1. Ron Chen

    Hi Gil,

    Thanks for this update on Heartbleed. I feel much better knowing that someone like you is watching out for us. As of 1000PM this evening, I have not heard from any of the financial institutions with websites that I regularly check.

    I wonder if those of us who go to retail sites like Amazon and Target and Ace Hardware need to be concerned.

    See you Thurs., April 17.

    Ron

    Reply
    • Gil Poulsen

      Just FYI for everyone, the following are “safe” sites that were either not affected in the first place or have been fixed:

      Amazon
      Bank of America
      Yahoo!
      British Airways
      Chubb
      Paypal
      Wells Fargo
      Google/GMail
      Verizon

      Reply
  2. Bernard Abramson

    I installed Office for iPhone and iPad when it was released. However, it was immediately evident that there was no way to access files from the apps except by subscribing to Office 365. Given that there are very few occasions on which I will need to work on files on my iPhone or iPad, and that I already have Documents To Go and iWork on these devices, I decided to drop Office. It is true that these applications do not provide 100% of Office’s capability, for example, some less common Excel functions are not supported. But they are good enough for most purposes and are cheap or free.

    I had read numerous postings about problems between Mail.app and Google mail on Mavericks. I use these heavily so I did not install the new OS until the first major revision (10.9.1). In the event there were no upgrade issues and none has surfaced since. Start up and shut down are faster. There are irritants. Finder tabs seem pretty useless and the “default view” option doesn’t work globally as it did in previous versions. The Trash icon doesn’t always change from empty when I delete a file. Nothing significant. However, I really disliked the skeuomorphisms and am pleased to see the back of them. It is noteworthy that the incremental benefits of each new release of OS X have diminished since 10.6. One wonders where Apple will go from here.

    Reply

Leave a Reply to Bernard Abramson Cancel reply

Your email address will not be published. Required fields are marked *