Dear Lifehacker,So Shellshock is the newest vulnerability thatmay “break the internet.
“The last time they said that,it was about Heartbleed.
Can someone actually use these against me?
Are These Vulnerabilities Really Such a Big Deal?
So does that mean you’re free to just forget about them?
These vulnerabilities are serious, and all of the experts we spoke to noted that.
However, they also explained that doom and gloom headlines often have the opposite effect on people.
They make them weary of internet security news instead of encouraging them to pay attention to it.
It merits 100% of the attention its currently garnering in the public view.
That seems reasonable to me.
Even with a bug this serious, some people have still managed to make hyperbolic claims about its impact.
That doesnt do anyone any good.
Any time you have a complex issue, its difficult to relate the details to a wider audience.
Unfortunately, people respond to dramatic claims more often than to nuanced ones.
Frederick Lane, author, consultant, and computer security expert, agrees.
All the headlines do for consumers is add to the existential angst that makes modern living so challenging.
At a certain point, scary computer headlines just become background noise.
And if you might patch your own computer, you should.
Beyond that, take the hyperbole with a grain of salt.
Do Normal Computer Users Need to Worry About These Exploits?
It may seem like a waste of time and energy to worry about it.
However, you should at least keep an ear to the ground, says Lane.
You could have thousands of cars suddenly shutting down all over the country.
Technology offers tremendous benefits to all of us, but the shiny devices impose certain responsibilities.
As Heinlein said, “There ain’t no such thing as a free lunch.”
Apple and Linux distro makers have worked very quickly to issue patches to close these vulnerabilities.
This will take care of the web servers and OS X computers.
How many people would even know how to patch their router?
Keep your eye out for news about how router vendors will handle this.
At the same time, don’t lose sleep over it just yet.
After all, few technologies are secure, and even fewer when they’re connected to the internet.
Don’t be surprised if we see more Shellshocks and Heartbleeds in the coming months and years.
However, it doesn’t hurt to stay vigilant and to practice good computing hygiene.
That’s going to lead to more vulnerabilities exposed and more exploits in the wild.
Sincerely,Lifehacker
Mark Nunnikhoven is Vice President of Cloud & Emerging Technologies atTrend Micro.
He has written seven books, including most recently “Cybertraps for the Young.”
All of his books are available on Amazon or throughhis Web site.
you’re free to follow him on Twitter at@fsl3, or atComputer Forensics Digest.
Peter Theobald is a Computer Forensics examiner, expert witness, software designer, consultant and lecturer.
He is the co-chair of the American Bar Association’s Section of Litigation Computer Forensics sub-committee.
you’ve got the option to find him atTCForensics.com.
All three gentlemen offered their expertise for this article, and we thank them.
Have a question or suggestion for Ask Lifehacker?
Send it to[email protected].
Photos byMaksim Kabakou(Shutterstock),Chris Harrison, andYi Chen.
