National / International News

The heartache of Heartbleed

Marketplace - American Public Media - Wed, 2014-04-09 15:00

There is plenty of panic to go around surrounding the announcement of a major security flaw in OpenSSL, the open-sourced version of the security connection used by most web servers to encrypt information between users, sites, and companies. Here's some basic info on "Heartbleed," and what you need to know:

1. What the heck is SSL? And should I worry whenever that lock appears in my browser? Or when I see ‘https://’?

SSL stands for “Secure Sockets Layer.” It refers to the connection between your computer and the company hosting whatever website you are currently browsing. Take a banking website, for example. Ideally, you’d want that connection to be secure against hackers being able to see the information being transmitted back and forth -- In this case, sensitive information like your social security number or your credit card numbers. Companies that have a SSL connection will encrypt any information transferred between your computer and the company.

That’s why you see the lock in the upper left-hand corner of your browser. Companies with an SSL connection have paid for an SSL Certificate, and notify their users via the lock icon. Additionally, the “s” in “https://” is another signifier of an SSL connection, and stands for “secure.”

For more information, check out this video.

In theory, this is how it should work: encryption of information on an SSL should guard against anyone gaining access and decrypting that information. Except when it doesn’t. As security experts discovered, a flaw in the open-sourced version of SSL has been a vulnerability for about two years, and could allow a hacker to get access to private information as well as the key to decryption. It’s especially problematic when considering that about 2/3 of the web-serves use OpenSSL. Cue terrifying nickname: the “Heartbleed” bug.

 2. I’ve heard I shouldn’t change my passwords yet. Why not?

In simple terms, if a site is compromised, changing your password won’t do much until the company that runs the site installs a patch. A better strategy is to wait until sites have a chance to fix their “Heartbleed” woes, and then change your password. Otherwise you might simply be giving a hacker your new password.

3. Which sites are affected by “Heartbleed”?

You can look at a list of sites here, or check for yourself here.

 

*UPDATE: While changing your password on a website that isn't yet secure could be dangerous, many companies are now saying they have patched or updated OpenSSL flaws in their system and that users should update login information. Mashable has a good running list of sites and their status.

Exit won't affect signings - Moyes

BBC - Wed, 2014-04-09 14:58
David Moyes believes Manchester United's transfer targets will not be affected by their Champions League exit.

Between the covers of Evelyn's Sylva

BBC - Wed, 2014-04-09 14:58
Why John Evelyn's Sylva has stood the test of time

Cleric predicted he would be killed

BBC - Wed, 2014-04-09 14:11
The Muslim preacher who predicted he would be killed

VIDEO: Why did Blakelock case fail again?

BBC - Wed, 2014-04-09 14:06
A man has been acquitted of the murder of PC Keith Blakelock - raising questions about why the case was ever brought to court.

Turmoil in Ukraine Clouds The Region's Economic Outlook

NPR News - Wed, 2014-04-09 14:05

The developed part of Europe is perking up, but the other part of the continent is anything but steady these days, the International Monetary Fund and World Bank say.

» E-Mail This

Why My Wife Didn't Choose A Double Mastectomy

NPR News - Wed, 2014-04-09 14:03

More and more women are deciding to have double mastectomies when they are diagnosed with breast cancer. TV host Samantha Harris is just the latest. But it's not the right choice for everyone.

» E-Mail This

Roses are red, violets are blue

Marketplace - American Public Media - Wed, 2014-04-09 13:44

From the Marketplace Datebook, here's what's coming up April 10:

  • In Washington, a look at the nation's balance sheet. The Treasury Department issues its monthly statement for March.
  • Drone delivery is just one of the topics at the fourth annual PostalVision 2020 Conference getting underway in the nation's capital.
  • Golfers tee off in Augusta, Georgia during the first round of the Masters Tournament.
  • F. Scott Fitzgerald's novel "The Great Gatsby" was first published on April 10th, 1925.
  • And think eloquent thoughts. April is National Poetry Month.

Comcast says it needs to get bigger to compete

Marketplace - American Public Media - Wed, 2014-04-09 13:38

Before a Senate hearing on Comcast’s proposed merger with Time Warner Cable, the company dropped a lengthy memo to the Federal Communications Commission, summed up in a blog post. In part, it argued that the merger would be good for competition in broadband, since Comcast’s rivals— including telecoms like Verizon and AT&T— are so big

Which is a different question from whether they offer broadband services that actually compete with Comcast. Andy Hargreaves, a Pacific Crest Securities analyst who looks at both TV and tech, thinks Comcast already dominates, with other companies unable to consistently offer similar speeds.

He estimates that the merged company would have the best-quality service in about 70 percent of the U.S. market. He thinks that’s a problem -- it gives the company power to keep jacking up prices.  “They are exceptionally good at raising rates,” he says.

However, he doubts these questions will sink the deal. Merging the companies, he says, doesn’t actually make it much harder for a real competitor to emerge.

“It’s already near impossible,” he says. “So raising the bar from really, really, really, really, really, high to really, really, really, really, really, really, REALLY high is not that big a deal.”

David Balto, an anti-trust lawyer and a former Federal Trade Commission official, thinks the merger will likely be approved. Comcast and Time Warner haven't been competing with each other before the merger in existing markets, so consumers aren’t losing choices.

“You may not like the competitive environment,” he says, “but there are scores of mergers that the FTC and the Justice Department have approved because they could not find a loss of competition.”

'At least 30 dead' in CAR violence

BBC - Wed, 2014-04-09 13:35
At least 30 people are killed and 10 wounded in fighting between rival sectarian militias in the Central African Republic, police say.

VIDEO: Giant rat boards NYC subway train

BBC - Wed, 2014-04-09 13:25
A giant rat caused a commotion on a New York subway train when it managed to get itself trapped in a carriage.

Atletico Madrid 1-0 Barcelona (2-1 agg)

BBC - Wed, 2014-04-09 13:19
Atletico Madrid knock Barcelona out of the Champions League thanks to Koke's close-range goal after just five minutes.

Bayern Munich 3-1 Manchester United (4-2 agg)

BBC - Wed, 2014-04-09 13:19
Manchester United fail to reach the semi-finals of the Champions League as Bayern Munich rally for a dominant win.

VIDEO: Obama's tribute to Fort Hood victims

BBC - Wed, 2014-04-09 13:14
President Barack Obama has said the US "must do more" to keep firearms out of the hands of those suffering from mental health issues.

Goldman Sachs considers shutting down its 'dark pool'

Marketplace - American Public Media - Wed, 2014-04-09 13:10

Goldman Sachs executives have reportedly been toying with the idea of shutting down their dark pool, known as Sigma X.

"Dark pools" are to stock exchanges what private pools are to the Y. They are places for people to trade stocks in private, and many banks have them.

Privacy and Savings

There are benefits to having a dark pool, to be sure. Customers can trade more cheaply as they don’t pay exchange fees like they would on, say, the NYSE.  For institutional investors, privacy can be critically important as well. For example, an institutional investor making a supersized buy order in the open would be noticed by sellers, who would raise the price before the order was even complete.  

“Essentially, large institutional investors like this as a way of minimizing price impact and reducing trading costs,” says Craig Pirrong at the University of Houston. 

Suspicion and Negative PR

However, there is also a great deal of suspicion over dark pools at the moment, as the flipside of privacy is decreased transparency. “There’s a considerable deal of regulatory uncertainty and legal uncertainty,” Pirrong says.

“Almost all dark pools work by taking prices from exchanges and filling orders based on those exchanges,” explains Larry Harris of the USC Marshall School of Business. So is it fair that a dark pool can use exchange prices, but not contribute to formation of those prices? Harris says: “And even worse, as the orders are taken away from those exchanges, the quality of the prices depreciates.”

Customers may see a conflict of interest as well.  

“It might be better if people weren’t worried that I was only going to my dark pool because it was my dark pool,” says Joe Gawronsky, president of Rosenblatt Securities. It’s a bit of a PR problem. 

A Liability Issue

Running a private stock exchange is no small feat. When participants’ expectations aren’t aligned with reality, or when prices in the pool become disconnected from prices on exchanges, it can be a serious liability for the entity running the pool.

“Particularly when there’s a fast moving, volatile market and the timeliness of the prices may be, for whatever reason, not appropriately reflective of the prices that were prevailing at the time,” says Andrew Karolyi, professor of finance at the Johnson School of Management at Cornell.  This happened to Goldman in 2011, and the bank sent checks to cover traders who lost out as a result.

Alternatives

Gawronsky says firms like Goldman have alternatives. “There are other methods to get price improvement and hide your order other than using your own dark pool,” he says. 

There are other entities’ dark pools, of course. There’s also IEX, an alternative trading platform designed to address what its founders argue are flaws in the structure of the U.S. equity market. Goldman has supported IEX precisely because of its commitment to transparency and market moderating effect.  

Finally, for those concerned with anonymity, Gawronsky points out that Goldman and other large banks offer algorithmic trading. These are computer-based trading mechanisms that can be used to disguise movements -- breaking up a large trade into smaller trades throughout the day, for example.   

When all is said and done: “I’m not sure it will materially affect Goldman’s revenues,” Gawronsky says.  “You could argue they don’t have that much to lose, and what do they gain? Potentially a PR win and something that customers may applaud.”

Peeps year-round: Harbinger of apocalypse

Marketplace - American Public Media - Wed, 2014-04-09 13:10

I've been away, which is maybe how I missed this, but you know peeps? Those marshmallow bird things you get around easter?   The companies that makes them -- Just Born -- says starting May 1, they'll be available all year round.   "We're making every day into a holiday," a company official said.   Allow me to exercise the Marketplace host's prerogative, and declare it this week's sign that the apocalypse is upon us.        

Peeps year-round: Harbinger of apocalypse.

Marketplace - American Public Media - Wed, 2014-04-09 13:10
I've been away, which is maybe how I missed this, but you know peeps? Those marshmallow bird things you get around easter?   The companies that makes them -- Just Born -- says starting May 1, they'll be available all year round.   "We're making every day into a holiday," a company official said.   Allow me to exercise the Marketplace host's prerogative, and declare it this week's sign that the apocalypse is upon us.        

What To Do Now That The Heartbleed Bug Exposed The Internet

NPR News - Wed, 2014-04-09 13:08

As companies scramble to patch a bug that exposed much of the Internet for two years, you can protect yourself by practicing some good Web hygiene.

» E-Mail This

ON THE AIR
We're on autopilot.

KBBI is Powered by Active Listeners like You

As we celebrate 35 years of broadcasting, we look ahead to technology improvements and the changing landscape of public radio.

Support the voices, music, information, and ideas that add so much to your life.Thank you for supporting your local public radio station.

FOLLOW US

Drupal theme by pixeljets.com ver.1.4