Why Ukraine Is Losing?


infotechusa:

Updated After Ceasefire Agreement was reached in Minsk February 12 2015.

Read Full text in the language it was singed – it is always better then poor or/and incorrect translation or misquotes from online sources…

Контактная группа по урегулированию ситуации на Украине 12 февраля на переговорах в Минске подписала документ “Комплекс мер по выполнению минских соглашений”, который включает в себя:

1. Незамедлительное и всеобъемлющее прекращение огня в отдельных районах Донецкой и Луганской областей Украины и его строгое выполнение начиная с 00 ч. 00 мин. (киевское время) 15 февраля 2015 года.

2. Отвод всех тяжелых вооружений обеими сторонами на равные расстояния в целях создания зоны безопасности шириной минимум 50 км друг от друга для артиллерийских систем калибром 100 мм и более, зоны безопасности шириной 70 км для РСЗО и шириной 140 км для РСЗО “Торнадо-С”, “Ураган”, “Смерч” и тактических ракетных систем “Точка” (“Точка У”):

– для украинских войск: от фактической линии соприкосновения;

– для вооруженных формирований отдельных районов Донецкой и Луганской областей Украины: от линии соприкосновения согласно Минскому меморандуму от 19 сентября 2014 года. Отвод вышеперечисленных тяжелых вооружений должен начаться не позднее второго дня после прекращения огня и завершиться в течение 14 дней.

Этому процессу будет содействовать ОБСЕ при поддержке трехсторонней контактной группы.

3. Обеспечить эффективный мониторинг и верификацию режима прекращения огня и отвода тяжелого вооружения со стороны ОБСЕ с первого дня отвода, с применением всех необходимых технических средств, включая спутники, БПЛА, радиолокационные системы и пр.

4. В первый день после отвода начать диалог о модальностях проведения местных выборов в соответствии с украинским законодательством и законом Украины “О временном порядке местного самоуправления в отдельных районах Донецкой и Луганской областей”, а также о будущем режиме этих районов на основании указанного закона.

Незамедлительно, не позднее 30 дней с даты подписания данного документа, принять постановление Верховной рады Украины с указанием территории, на которую распространяется особый режим в соответствии с законом Украины “О временном порядке местного самоуправления в отдельных районах Донецкой и Луганской областей” на основе линии, установленной в Минском меморандуме от 19 сентября 2014 года.

5. Обеспечить помилование и амнистию путем введения в силу закона, запрещающего преследование и наказание лиц в связи с событиями, имевшими место в отдельных районах Донецкой и Луганской областей Украины.

6. Обеспечить освобождение и обмен всех заложников и незаконно удерживаемых лиц на основе принципа “всех на всех”. Этот процесс должен быть завершен самое позднее на пятый день после отвода.

7. Обеспечить безопасный доступ, доставку, хранение и распределение гуманитарной помощи нуждающимся на основе международного механизма.

8. Определение модальностей полного восстановления социально-экономических связей, включая социальные переводы, такие как выплата пенсий и иные выплаты (поступления и доходы, своевременная оплата всех коммунальных счетов, возобновление налогообложения в рамках правового поля Украины).

В этих целях Украина восстановит управление сегментом своей банковской системы в районах, затронутых конфликтом, и, возможно, будет создан международный механизм для облегчения таких переводов.

9. Восстановление полного контроля над государственной границей со стороны правительства Украины во всей зоне конфликта, которое должно начаться в первый день после местных выборов и завершиться после всеобъемлющего политического урегулирования (местные выборы в отдельных районах Донецкой и Луганской областей на основании Закона Украины и конституционная реформа) к концу 2015 года при условии выполнения пункта 11 – в консультациях и по согласованию с представителями отдельных районов Донецкой и Луганской областей в рамках трехсторонней Контактной группы.

10. Вывод всех иностранных вооруженных формирований, военной техники, а также наемников с территории Украины под наблюдением ОБСЕ. Разоружение всех незаконных групп.

11. Проведение конституционной реформы в Украине со вступлением в силу к концу 2015 года новой конституции, предполагающей в качестве ключевого элемента децентрализацию (с учетом особенностей отдельных районов Донецкой и Луганской областей, согласованных с представителями этих районов), а также принятие постоянного законодательства об особом статусе отдельных районов Донецкой и Луганской областей в соответствии с мерами, указанными в примечании[1], до конца 2015 года. (См. примечание)

12. На основании закона Украины “О временном порядке местного самоуправления в отдельных районах Донецкой и Луганской областей” вопросы, касающиеся местных выборов, будут обсуждаться и согласовываться с представителями отдельных районов Донецкой и Луганской областей в рамках трехсторонней контактной группы. Выборы будут проведены с соблюдением соответствующих стандартов ОБСЕ при мониторинге со стороны БДИПЧ ОБСЕ.

13. Интенсифицировать деятельность трехсторонней контактной группы, в том числе путем создания рабочих групп по выполнению соответствующих аспектов минских соглашений. Они будут отражать состав трехсторонней контактной группы.

Примечание:

Такие меры в соответствии с законом “Об особом порядке местного самоуправления в отдельных районах Донецкой и Луганской областей” включают следующее:

– освобождение от наказания, преследования и дискриминации лиц, связанных с событиями, имевшими место в отдельных районах Донецкой и Луганской областей;

– право на языковое самоопределение;

– участие органов местного самоуправления в назначении глав органов прокуратуры и судов в отдельных районах Донецкой и Луганской областей;

– возможность для центральных органов исполнительной власти заключать с соответствующими органами местного самоуправления соглашения относительно экономического, социального и культурного развития отдельных районов Донецкой и Луганской областей;

– государство оказывает поддержку социально-экономическому развитию отдельных районов Донецкой и Луганской областей;

– содействие со стороны центральных органов власти трансграничному сотрудничеству в отдельных районах Донецкой и Луганской областей с регионами Российской Федерации;

– создание отрядов народной милиции по решению местных советов с целью поддержания общественного порядка в отдельных районах Донецкой и Луганской областей;

– полномочия депутатов местных советов и должностных лиц, избранных на досрочных выборах, назначенных Верховной Радой Украины этим законом, не могут быть досрочно прекращены.

Документ подписали участники трехсторонней контактной группы:

Посол Хайди Тальявини
Второй президент Украины Л.Д. Кучма
Посол Российской Федерации на Украине М.Ю. Зурабов
А.В. Захарченко
И.В. Плотницкий

 

Below Translation by BBC.com –  Ukraine ceasefire: New Minsk agreement key points

http://www.bbc.com/news/world-europe-31436513

Here are the key points of the new plan (as released in Russian):

1. Immediate and full bilateral ceasefire

To take effect in parts of Donetsk and Luhansk regions, from 00:00 local time on 15 February (22:00 GMT on 14 February).

2. Withdrawal of all heavy weapons by both sides

To equal distances to create a buffer zone of: at least 50km (30 miles) separating both sides for artillery systems of 100mm calibre or more; 70km for multiple rocket systems and 140km for the heaviest rocket and missile systems such as Tornado, Uragan, Smerch and Tochka.

Ukrainian troops to withdraw heavy weapons from the current frontline.

Separatist forces to withdraw theirs from the line of 19 September 2014.

Heavy weapons withdrawal must start no later than day two of the ceasefire and be completed within two weeks. The OSCE security body will assist in the process.

map

3. Effective monitoring and verification regime for the ceasefire and withdrawal of heavy weapons

To be carried out by the OSCE from day one, using all necessary technology such as satellites and radar.

4. From day one of the withdrawal begin a dialogue on the holding of local elections

In line with the Ukrainian law on temporary self-rule for parts of Donetsk and Luhansk. There will also be a dialogue on those areas’ political future.

5. Pardon and amnesty by banning any prosecution of figures involved in the Donetsk and Luhansk conflict 6. Release of all hostages and other illegally detained people

On the basis of “all for all”. To be completed at the latest on the fifth day after the military withdrawal.

The Minsk leaders (from left: Vladimir Putin, Francois Hollande, Angela Merkel, Petro Poroshenko)

7. Unimpeded delivery of humanitarian aid to the needy, internationally supervised

8. Restoration of full social and economic links with affected areas

Including social transfers, such as payment of pensions. To that end, Ukraine will restore its banking services in districts affected by the conflict.

9. Full Ukrainian government control will be restored over the state border, throughout the conflict zone

To begin on the first day after local elections, and be completed after a comprehensive political settlement, by the end of 2015. (Local elections in rebel-controlled Donetsk and Luhansk regions will be based on Ukrainian law and a constitutional reform.)

10. Withdrawal of all foreign armed groups, weapons and mercenaries from Ukrainian territory

To be monitored by the OSCE. All illegal groups to be disarmed.

11. Constitutional reform in Ukraine, with adoption of a new constitution by the end of 2015

A key element of which will be decentralisation (taking account of the special features of certain parts of Donetsk and Luhansk regions, agreed with representatives of those regions), and adoption of permanent laws on the special status of those areas.

 

Reasons why separatists are winning in Ukraine. (reprint)

A new report by the Atlantic Council, with the Brookings Institution, and the Chicago Council on Global Affairs calls for three billions of dollars in aid, including weapons.

The report details why the Russia-backed separatists are winning:

reasons why Russia-backed separatists are winning in Ukraine

Reasons why Russia-backed separatists are winning in Ukraine

Read more: http://www.businessinsider.com/7-reasons-why-russia-backed-separatists-are-dominating-in-ukraine-2015-2

 

The disorganization and corruption of too much of Ukraine’s military is no secret. Indeed, that the higher-ups are criminals who avoid battle is a near-universally held belief among the fighters who are doing the dying around Donetsk, who see senior officers, many of them hold-overs from the Yanukovych era, living in comfort far from the sound of the guns. The troops who have borne the brunt of the Russo-Ukrainian War to date are volunteers — there are more than fifty battalions of them, though some are in reality more company-sized — since the regular army is in such a lamentable state that many of its units cannot be sent into battle.

Why the Ukrainian military remains so unready after many months of promises from Kyiv that it is serious about resisting the Russians is an important question. We have heard many excuses proffered about how the military was neglected for two decades after the fall of the Soviet Union, which is true but unhelpful now, when Ukraine urgently needs combat-ready forces. Courage is not lacking while battle skill clearly is.

Originally posted on The XX Committee:

Today brings more bad news from easternmost Ukraine, as Kyiv’s defenders are trying to hold on to Donetsk airport, where fighting has waxed and waned for months between Ukrainian troops and rebels, many of whom are actually Russian soldiers. Putin is pushing again around Donetsk and the airport’s brave defenders, termed Cyborgs by the Ukrainian public, may not be able to stand their ground much longer. As usual, they are dismally supplied and badly led. Never in the Russo-Ukrainian War, which started last spring, has Kyiv’s General Staff inspired much confidence, and their leadership is improving slowly, if at all, under the rigors of war.

The disorganization and corruption of too much of Ukraine’s military is no secret. Indeed, that the higher-ups are criminals who avoid battle is a near-universally held belief among the fighters who are doing the dying around Donetsk, who see senior officers, many of…

View original 1,408 more words

About #Poodle #Hack of #SSLv3 and How to Secure Online Business


infotechusa:

Security Vulnerability Named POODLE was discovered recently.

What is poodle stand for sslv3 hack?
Padding Oracle On Downgraded Legacy Encryption
Poodle, which stands for Padding Oracle On Downgraded Legacy Encryption (PDF), is a problem because it’s used by both websites and Web browsers. Both must be reconfigured to prevent using SSL 3.0, and Poodle will remain a problem as long as SSL 3.0 is supported.
Google exposes ‘Poodle’ flaw in Web encryption standard …

POODLE Vulnerability: Frequently Asked Questions.
What is the SSLv3 POODLE Vulnerability?
On October 15 Google published details of vulnerability in the design of SSL version 3.0. This vulnerability
allows the plaintext of secure connections to be calculated by a network attacker. The new vulnerability,
named ‘POODLE’, compromises encryption, by forcing a browser or client to use the less secure SSLv3
encryption protocols instead of TLS protocols (eg TLSv1.2). It then carries out a BEAST (Browser Exploit
Against SSL/TLS) attack to obtain information from the encrypted stream.
Is This Really Such a Big Issue?
Yes. Although SSL 3.0 is nearly fifteen years old, support for it remains widespread. Most importantly, nearly all
browsers support it and, in order to work around bugs in HTTPS servers, browsers will retry failed connections
with older protocol versions, including SSL 3.0. Because a network attacker can cause connection failures,
they can trigger the use of SSL 3.0 and then exploit this issue.

Who does Poodle Affect?
Any merchant using Internet Explorer 6 (IE6) to access secure online payment gateways system pages or any merchant whose site or solution uses SSLv3 to post transactions to Authorize.Net.

What should I tell my customers if they ask about POODLE?

You can instruct any concerned customers to visit https://zmap.io/sslv3/ to confirm if their browser supports SSLv3. It includes instructions on how to disable SSLv3 for all modern browsers.

What to do if i Use Internet Explorer 6?

If you are using a version of Internet Explorer older than 7.0, please visit http://www.microsoft.com/en-us/download/internet-explorer.aspx to upgrade.

Firefox, Safari and Chrome users should not be affected.

Important announcement about POODLE and payment security.
read more here:nikolaygul.wordpress.com/2014/11/03/poodle-hack-of-sslv3/

Originally posted on Hi, from Nikolay ;-):

Poodle Hack of SSLv3New Security Vulnerability Named POODLE was discovered recently.

  • What is poodle stand for sslv3 hack?

    Padding Oracle On Downgraded Legacy Encryption
  • Poodle, which stands for Padding Oracle On Downgraded Legacy Encryption (PDF), is a problem because it’s used by both websites and Web browsers. Both must be reconfigured to prevent using SSL 3.0, and Poodle will remain a problem as long as SSL 3.0 is supported.
  • Google exposes ‘Poodle’ flaw in Web encryption standard …

POODLE Vulnerability: Frequently Asked Questions.

What is the SSLv3 POODLE Vulnerability?
On October 15 Google published details of vulnerability in the design of SSL version 3.0. This vulnerability
allows the plaintext of secure connections to be calculated by a network attacker. The new vulnerability,
named ‘POODLE’, compromises encryption, by forcing a browser or client to use the less secure SSLv3
encryption protocols instead of TLS protocols (eg TLSv1.2). It then carries out a BEAST (Browser…

View original 1,359 more words

How to modify hosts file on local computer?


Easily edit the host file on Windows, Mac, linux

Easily edit the host file on Windows, Mac, Linux

How to modify hosts file on local computer?

The hosts file is a computer file used by an operating system to map hostnames to IP addresses.

The hosts file is a plain text file, and is conventionally named hosts. Originally a HOSTS.TXT file and maintained centrally by Stanford Research Institute for the ARPANET, the hosts file predates the Domain Name System, which was first described in 1983 and implemented in 1984.

Prior to DNS, the hosts file was manually edited and served as a table of accessible hosts. It was due the size of the growing Internet and coincident growth of the hosts table that the more robust DNS was embraced and the hosts file supplanted.


Editing your hosts file will allow you to override the DNS for a domain, on that particular machine.

Can be used to test your site without the test link, prior to going live with SSL, verify an alias site works prior to DNS changes, or for other DNS related reasons.

This causes your local machine only to look directly at the IP specified.

Your hosts file will need to have two entries added that will contain the IP address you want the site to resolve to and the address. Adding the below two lines for example will point www.yourtesturl.com and yourtesturl.com to our current PHP5-ITK (“Refreshed” PHP5) cluster:

127.0.0.1  localhost loopback
::1        localhost

or
127.0.0.1 www.yourtesturl.com
127.0.0.1 yourtesturl.com

Below is how to locate and edit the hosts file on several OS platforms. Once the proper domain information is added you will save the file and your system will begin resolving to the specified IP. Once testing is finished these entries should be removed.

Contents

 

  • Windows 8
  • Vista and Windows 7
  • Windows NT/2000/XP
  • Linux
  • Mac OSX 10.0 – 10.1.5
  • Mac OSX 10.6 – 10.8

local host file

local host file

Windows 8

Editing a HOSTS File in Windows 8

Here is what you can do in order to edit the HOSTS file on Windows 8.

  • Copy the HOSTS file from the  C:\Windows\System32\Drivers\etc folder to your Desktop.
  • Open the copy from your Desktop in Notepad, and make all necessary changes.

Or directly open file location from NotePad or other PlainText editor like

 

Windows Vista and Windows 7

Vista and Windows 7 use User Account Control (UAC) so Notepad must be run as Administrator.

1. Click Start -> All Programs -> Accessories

2. Right click Notepad and select Run as administrator

3. Click Continue on the “Windows needs your permission” UAC window.

4. When Notepad opens Click File -> Open

5. In the filename field type C:\Windows\System32\Drivers\etc\hosts

6. Click Open

 

 

Windows NT/2000/XP

1. Click Start -> All Programs -> Accessories -> Notepad

2. Click File -> Open

3. In the filename field type C:\Windows\System32\Drivers\etc\hosts

4. Click Open

 

Linux

1. Open a terminal window

2. Type sudo nano /etc/hosts (you can substitute any text editor)

3. Enter your password

 

 

Mac OS X 10.0 – 10.1.5

1. Open /Applications/Utilities/NetInfo Manager.

2. To allow editing the NetInfo database, click the padlock in the lower left corner of the window.

3. Enter your Admin password and click OK

4. In the second column of the browser view, select the node named “machines.” You will see entries for -DHCP-, broadcasthost, and localhost in the third column.

5. The quickest way to create a new entry is to duplicate an existing one. So select the “localhost” item in the third column.

6. Choose Duplicate from the Edit menu. A confirmation alert appears.

7. Click Duplicate. A new entry called “localhost copy” appears, and its properties are shown below the browser view.

8. Double-click the value of the ip_address property and enter the IP address of the other computer.

9. Double-click the value of the name property and enter the hostname you want for the other computer.

10. Click the serves property and choose Delete from the Edit menu.

11. Choose Save from the File menu. A confirmation alert appears.

12. Click Update this copy.

13. Repeat steps 6 through 12 for each additional host entry you wish to add.

14. Choose Quit from the NetInfo Manager menu. You do not need to restart the computer.

 

Mac OS X 10.6 – 10.1.8

1. Open Applications > Utilities > Terminal.

2. Open the hosts file by typing the following in the Terminal window:

sudo nano /private/etc/hosts

Type your user password when prompted

3. Edit the Host File,The hosts file contains some comments (lines starting with the # symbol), as well as some default hostname mappings (e.g. 127.0.0.1 – local host). Append your new mappings underneath the default ones.

4. Save the Host File, When done editing the hosts file, press Control+x to save the file.

5. Make your changes take effect by flushing the DNS cache with the following command:

$ dscacheutil -flushcache

6. New mappings should now take effect.

 

 

Passwords worth changing ►#Facebook ►#Instagram ►#Pinterest ►#Tumblr ►Google ►Yahoo ►GoDaddy Netflix


Change your password - Heartbleed Bug

Heartbleed Hask: The Passwords You Need Change ASAP.

latest update:

NSA knew about Heartbleed for two years – Bloomberg

The critical “Heartbleed” bug reported earlier this week to have affected the security of most of the internet was discovered by researchers at the United States National Security Agency two years earlier, according to a new report.

On Friday afternoon, Bloomberg News journalist Michael Riley reported that the NSA knew about the monstrous flaw for at least two years ahead of this week’s announcement, but kept it hidden from technologists and instead exploited it to hack the computers and correspondence of certain intelligence targets.

Earlier in the week, the open-source OpenSSL internet security project issued an emergency advisory after discovery of the Heartbleed bug revealed a weakness that may have for years allowed hackers to access online information otherwise thought to be protected by the SSL/TLS encryption standard used by around two-thirds of the web…. more here

Boomberg TV:

http://www.bloomberg.com/video/what-and-when-did-nsa-know-about-heartbleed-bug-CcNm~m5ZSzC9GWx4na6L2Q.html

What and When Did NSA Know About Heartbleed Bug?

 

IF you use any of those sites change your password ASAP.

Was it affected? Is there a patch? Do you need to change your password? What did they say?
Facebook Unclear Yes Yes Yes “We added protections for Facebook’s implementation of OpenSSL before this issue was publicly disclosed. We haven’t detected any signs of suspicious account activity, but we encourage people to … set up a unique password.”
Instagram Yes Yes Yes Yes “Our security teams worked quickly on a fix and we have no evidence of any accounts being harmed. But because this event impacted many services across the web, we recommend you update your password on Instagram and other sites, particularly if you use the same password on multiple sites.”
LinkedIn No No No “We didn’t use the offending implementation of OpenSSL in http://www.linkedin.com or http://www.slideshare.net. As a result, HeartBleed does not present a risk to these web properties.”
Pinterest Yes Yes Yes Yes “We fixed the issue on Pinterest.com, and didn’t find any evidence of mischief. To be extra careful, we e-mailed Pinners who may have been impacted, and encouraged them to change their passwords.”
Tumblr Yes Yes Yes Yes “We have no evidence of any breach and, like most networks, our team took immediate action to fix the issue.”
Twitter No Yes Unclear Twitter wrote that OpenSSL “is widely used across the internet and at Twitter. We were able to determine that [our] servers were not affected by this vulnerability. We are continuing to monitor the situation.” While reiterating that they were unaffected, Twitter told Mashable that they did apply a patch.

Other Companies

Was it affected? Is there a patch? Do you need to change your password? What did they say?
Apple No No No “iOS and OS X never incorporated the vulnerable software and key web-based services were not affected.”
Amazon No No No “Amazon.com is not affected.”
Google Yes Yes Yes Yes* “We have assessed the SSL vulnerability and applied patches to key Google services.” Search, Gmail, YouTube, Wallet, Play, Apps and App Engine were affected; Google Chrome and Chrome OS were not.

*Google said users do not need to change their passwords, but because of the previous vulnerability, better safe than sorry.

Microsoft No No No Microsoft services were not running OpenSSL, according to LastPass.
Yahoo Yes Yes Yes Yes “As soon as we became aware of the issue, we began working to fix it… and we are working to implement the fix across the rest of our sites right now.” Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr and Tumblr were patched. More patches to come, Yahoo says.

Email

Was it affected? Is there a patch? Do you need to change your password? What did they say?
AOL No No No AOL told Mashable it was not running the vulnerable version of the software.
Gmail Yes Yes Yes Yes* “We have assessed the SSL vulnerability and applied patches to key Google services.”

*Google said users do not need to change their passwords, but because of the previous vulnerability, better safe than sorry.

Hotmail / Outlook No No No Microsoft services were not running OpenSSL, according to LastPass.
Yahoo Mail Yes Yes Yes Yes “As soon as we became aware of the issue, we began working to fix it… and we are working to implement the fix across the rest of our sites right now.”

Stores and Commerce

Was it affected? Is there a patch? Do you need to change your password? What did they say?
Amazon No No No “Amazon.com is not affected.”
Amazon Web Services (for website operators) Yes Yes Yes Yes Most services were unaffected or Amazon was already able to apply mitigations (see advisory note here). Elastic Load Balancing, Amazon EC2, Amazon Linux AMI, Red Hat Enterprise Linux, Ubuntu, AWS OpsWorks, AWS Elastic Beanstalk and Amazon CloudFront were patched.
eBay No No No “eBay.com was never vulnerable to this bug because we were never running a vulnerable version of OpenSSL.”
Etsy Yes* Yes Yes Yes Etsy said that only a small part of its infrastructure was vulnerable, and they have patched it.
GoDaddy Yes Yes Yes Yes “We’ve been updating GoDaddy services that use the affected OpenSSL version.” Full Statement
Groupon No No No “Groupon.com does not utilize a version of the OpenSSL library that is susceptible to the Heartbleed bug.”
Nordstrom No No No “Nordstrom websites do not use OpenSSL encryption.”
PayPal No No No “Your PayPal account details were not exposed in the past and remain secure.” Full Statement
Target No No No “[We] launched a comprehensive review of all external facing aspects of Target.com… and do not currently believe that any external-facing aspects of our sites are impacted by the OpenSSL vulnerability.”
Walmart No No No “We do not use that technology so we have not been impacted by this particular breach.”

Videos, Photos, Games & Entertainment

Was it affected? Is there a patch? Do you need to change your password? What did they say?
Flickr Yes Yes Yes Yes “As soon as we became aware of the issue, we began working to fix it… and we are working to implement the fix across the rest of our sites right now.”
Hulu No No No No comment provided.
Minecraft Yes Yes Yes Yes “We were forced to temporary suspend all of our services. … The exploit has been fixed. We can not guarantee that your information wasn’t compromised.” More Information
Netflix Yes Yes Yes Yes “Like many companies, we took immediate action to assess the vulnerability and address it. We are not aware of any customer impact. It’s a good practice to change passwords from time to time, now would be a good time to think about doing so. “
SoundCloud Yes Yes Yes Yes SoundCloud emphasized that there were no indications of any foul play and that the company’s actions were simply precautionary.
YouTube Yes Yes Yes Yes* “We have assessed the SSL vulnerability and applied patches to key Google services.”

*Google said users do not need to change their passwords, but because of the previous vulnerability, better safe than sorry.

Financial

All the banks we contacted (see below) said they were unaffected by Heartbleed, but U.S. regulators have warned banks to patch their systems.

Was it affected? Is there a patch? Do you need to change your password? What did they say?
American Express No No No “There was no compromise of any customer data. While we are not requiring customers to take any specific action at this time, it is a good security practice to regularly update Internet passwords.”
Bank of America No No No “A majority of our platforms do NOT use OpenSSL, and the ones that do, we have confirmed no vulnerabilities.”
Barclays No No No No comment provided.
Capital One No No No “Capital One uses a version of encryption that is not vulnerable to Heartbleed.”
Chase No No No “These sites don’t use the encryption software that is vulnerable to the Heartbleed bug.”
Citigroup No No No Citigroup does not use Open SSL in “customer-facing retail banking and credit card sites and mobile apps”
E*Trade No No No E*Trade is still investigating.
Fidelity No No No “We have multiple layers of security in place to protect our customer sites and services.”
PNC No No No “We have tested our online and mobile banking systems and confirmed that they are not vulnerable to the Heartbleed bug.”
Schwab No No No “Efforts to date have not detected this vulnerability on Schwab.com or any of our online channels.”
Scottrade No No No “Scottrade does not use the affected version of OpenSSL on any of our client-facing platforms.”
TD Ameritrade No No No TD Ameritrade “doesn’t use the versions of openSSL that were vulnerable.”
TD Bank No No No “We’re currently taking precautions and steps to protect customer data from this threat and have no reason to believe any customer data has been compromised in the past.”
T. Rowe Price No No No “The T. Rowe Price websites are not vulnerable to the “Heartbleed” SSL bug nor were they vulnerable in the past.”
U.S. Bank No No No “We do not use OpenSSL for customer-facing, Internet banking channels, so U.S. Bank customer data is NOT at risk.”
Vanguard No No No “We are not using, and have not used, the vulnerable version of OpenSSL.”
Wells Fargo No No No No reason provided.

Government and Taxes

Was it affected? Is there a patch? Do you need to change your password? What did they say?
1040.com No No No “We’re not vulnerable to the Heartbleed bug, as we do not use OpenSSL.”
FileYour Taxes.com No No No “We continuously patch our servers to keep them updated. However, the version we use was not affected by the issue, so no action was taken.”
H&R Block No No No “We are reviewing our systems and currently have found no risk to client data from this issue.”
Healthcare .gov No No No “Healthcare.gov consumer accounts are not affected by this vulnerability.”
Intuit (TurboTax) No No No Turbotax wrote that “engineers have verified TurboTax is not affected by Heartbleed.” The company has issued new certificates anyway, and said it’s not “proactively advising” users to change their passwords.
IRS No No No “The IRS continues to accept tax returns as normal … and systems continue operating and are not affected by this bug. We are not aware of any security vulnerabilities related to this situation.”
TaxACT No No No “Customers can update their passwords at any time, although we are not proactively advising them to do so at this time.”
USAA Yes Yes Yes Yes USAA said that it has “already taken measures to help prevent a data breach and implemented a patch earlier this week.”

Other

Was it affected? Is there a patch? Do you need to change your password? What did they say?
Box Yes Yes Yes Yes “We’re currently working with our customers to proactively reset passwords and are also reissuing new SSL certificates for added protection.”
Dropbox Yes Yes Yes Yes On Twitter: “We’ve patched all of our user-facing services & will continue to work to make sure your stuff is always safe.”
Evernote No No No “Evernote’s service, Evernote apps, and Evernote websites … all use non-OpenSSL implementations of SSL/TLS to encrypt network communications.” Full Statement
GitHub Yes Yes Yes Yes GitHub said it has patched all its systems, deployed new SSL certificates and revoked old ones. GitHub is asking all users to change password, enable two-factor authentication and “revoke and recreate personal access and application tokens.”
IFTTT Yes Yes Yes Yes IFTTT emailed all its users and logged them out, prompting them to change their password on the site.
OKCupid Yes Yes Yes Yes “We, like most of the Internet, were stunned that such a serious bug has existed for so long and was so widespread.”
Spark Networks (JDate, Christian Mingle) No No No Sites do not use OpenSSL.
SpiderOak Yes Yes No Spideroak said it patched its servers, but the desktop client doesn’t use a vulnerable version of OpenSSL, so “customers do not need to take any special action.”
Wikipedia (if you have an account) Yes Yes Yes Yes “We recommend changing your password as a standard precautionary measure, but we do not currently intend to enforce a password change for all users.” Full Statement
WordPress Unclear Unclear Unclear WordPress tweeted that it has taken “immediate steps” and “addressed the Heartbleed OpenSSL exploit,” but it’s unclear if the issue is completely solder. When someone asked Matt Mullenweg, WordPress’ founding developer, when the site’s SSL certificates will be replaced and when users will be able to reset passwords, he simply answered: “soon.”
Wunderlist Yes Yes Yes Yes “You’ll have to simply log back into Wunderlist. We also strongly recommend that you reset your password for Wunderlist.” Full Statement

Password Managers

Was it affected? Is there a patch? Do you need to change your password? What did they say?
1Password No No No 1Password said in a blog post that its technology “is not built upon SSL/TLS in general, and not upon OpenSSL in particular.” So users don’t need to change their master password.
Dashlane Yes Yes No Dashlane said in a blog post users’ accounts were not impacted and the master password is safe as it is never transmitted. The site does use OpenSSL when syncing data with its servers but Dashlane said it has patched the bug, issued new SSL certificates and revoked previous ones.
LastPass Yes Yes No “Though LastPass employs OpenSSL, we have multiple layers of encryption to protect our users and never have access to those encryption keys.” Users don’t need to change their master passwords because they’re never sent to the server. But passwords for other sites stored in LastPass might need to be changed.

Change Your Websites Passwords — be glad you still can


change your password - Heartbleed Bug

change your password – Heartbleed Bug

How To Protect Yourself From The Massive Security Flaw That’s Taken Over The Internet

 

On April 07, 2014 a severe vulnerability in OpenSSL was announced.
If you are receiving this announcement, then you have at least one server with  that may be vulnerable to a serious security flaw.
Known formally as TLS heartbeat read overrun (CVE-2014-0160), and dubbed the “Heartbleed Bug”, this flaw allows for the theft of information normally protected by SSL/TLS encryption. Specifically, the Heartbleed Bug allows memory to be read on systems using OpenSSL 1.0.1 before 1.0.1g, which can compromise private/secret keys used to encrypt data and application traffic. At the very least, this would allow attackers to impersonate users and services, and provide a means for data theft. Unless automatic updating has been disabled, a patch has been downloaded for your system and a system reboot is required to complete the process. We encourage you to reboot your server as soon as possible to ensure your system is secure.

Beginning April 10, 2014 we will be updating and rebooting servers which are found to still be vulnerable to the Heartbleed Bug. Due to the nature of this vulnerability, and the volume of servers eligible for the update, we cannot accommodate requests for a specific reboot time. You may opt out of a server reboot, should you plan to apply the update yourself, by simply opening a ticket at your server provider. If you opt out, Liquid Web will assume that you’ve appropriately patched your servers. For further information on the OpenSSL Heartbleed Bug

In case the Heartbleed bug’s name hasn’t already convinced you of the seriousness of this security vulnerability, allow me to make this clear: you should change the password you use for every website you’ve visited in the last two years.

That message has been repeated ad nauseum since the vulnerability was first revealed earlier this week..

change your password - Heartbleed BugTumblr has asked its users to change their passwords. Mozilla has advised FireFox users who rely on the same password for multiple sites to do the same. So have the New York Times, the Wire, and countless other news sites. Again, in case the bleeding heart metaphor wasn’t enough to convince you that this is a real problem: change all of your passwords. Now.

That’s easier said than done, of course. While there are various tools that can generate strong passwords and keep them in sync across multiple platforms, there isn’t an “Oh shit!” button that can automatically reset all of those passwords when something like this happens. It’s up to you to remember all of the websites you’ve visited, the passwords you used for those sites, and to create new passwords that anyone knowing your old ones won’t be able to guess. That’s not necessarily a bad thing: having to manually change the passwords could help protect against any potential flaws hiding in the generators used by tools like 1Password or LastPass. (Note: I’m not saying the tools have flaws, I’m just saying they hypothetically could, company representatives.)

 

What is the Heartbleed bug?

Heartbleed is a flaw in OpenSSL, the open-source encryption standard used by the majority of websites that need to transmit the data that users want to keep secure. It basically gives you a secure line when you’re sending an email or chatting on IM.

Encryption works by making it so that data being sent looks like nonsense to anyone but the intended recipient.

Occasionally, one computer might want to check that there’s still a computer at the end of its secure connection, and it will send out what’s known as a heartbeat, a small packet of data that asks for a response.

Because of a programming error in the implementation of OpenSSL, the researchers found that it was possible to send a well-disguised packet of data that looked like one of these heartbeats to trick the computer at the other end into sending data stored in its memory.

The flaw was first reported to the team behind OpenSSL by Google security researcher Neel Mehta, and independently found by security firm Codenomicon. According to the researchers who discovered the flaw, the code has been in OpenSSL for about two years, and using it doesn’t leave a trace.

Change your password - Heartbleed BugHow bad is that?

It’s really bad. Web servers can keep a lot of information in their active memory, including usernames, passwords, and even the content that users have uploaded to a service. According to Vox.com’s Timothy Lee, even credit-card numbers could be pulled out of the data sitting in memory on the servers that power some services.

But worse than that, the flaw has made it possible for hackers to steal encryption keys — the codes used to turn gibberish-encrypted data into readable information.

With encryption keys, hackers can intercept encrypted data moving to and from a site’s servers and read it without establishing a secure connection. This means that unless the companies running vulnerable servers change their keys, even future traffic will be susceptible.

Am I affected?

Probably, though again, this isn’t simply an issue on your personal computer or your phone — it’s in the software that powers the services you use. Security firm Codenomicon reports:

You are likely to be affected either directly or indirectly. OpenSSL is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet. Your popular social site, your company’s site, commercial site, hobby site, sites you install software from or even sites run by your government might be using vulnerable OpenSSL.

According to a recent Netcraft web server survey that looked at nearly 959,000,000 websites, 66% of sites are powered by technology built around SSL, and that doesn’t include email services, chat services, and a wide variety of apps available on every platform.

Read more: http://www.businessinsider.com/heartbleed-bug-explainer-2014-4#ixzz2yPGdgb5W

The good news is that passwords for services like Facebook and Gmail can be changed. It would be much harder to protect against compromised biometric security measures — what are you gonna do, burn your finger tips and tattoo some new patterns onto them?

 

All Winter Olympics Game Medals and Winner #Socialympics


The 2014 Winter Olympics

The 2014 Winter Olympics, officially the XXII Olympic Winter Games, or the 22nd Winter Olympics, is a major international multi-sport event being held in Sochi, Russia.

#Socialympics
The Winter Olympic Games
is a major international sporting event that occurs once every four years. The first celebration of the Winter Olympics was held in Chamonix, France, in 1924. The original sports were alpine and cross-country skiing, figure skating, ice hockey, Nordic combined, ski jumping and speed skating. The Games were held every four years from 1924 until 1936, after which they were interrupted by World War II. The Olympics resumed in 1948 and were celebrated every four years. The Winter and Summer Olympic Games were held in the same years until 1992, after a 1986 decision by the International Olympic Committee (IOC) to place the Summer and Winter Games on separate four-year cycles in alternating even-numbered years. Because of the change, the next Winter Olympics after 1992 were in 1994.

XXII Olympic Winter Games Medals Count in Sochi 2014 Olympics : http://www.sochi2014.com/en/medals

The 2014 Winter Olympics, officially the XXII Olympic Winter Games, or the 22nd Winter Olympics, is a major international multi-sport event being held in Sochi, Russia. Officially scheduled for 7 February through 23 February 2014, opening rounds in figure skating, skiing, and snowboard competitions were held on the eve of the Opening Ceremony, 6 February 2014. Both the Olympics and 2014 Winter Paralympics are being organized by the Sochi Organizing Committee (SOC). Sochi was selected as the host city in July 2007, during the 119th IOC Session held in Guatemala City. The Sochi Olympics will be the first Olympics in the Russian Federation since the breakup of the USSR in 1991. The USSR was the host nation for the 1980 Summer Olympics in Moscow.

98 events in 15 winter sport disciplines will be held throughout the Games.
A number of new competitions—a total of twelve accounting for gender—will be held during the Games, including biathlon mixed relay, women’s ski jumping, mixed-team figure skating, mixed-team luge, half-pipe skiing, ski and snowboard slopestyle, and snowboard parallel slalom. The events will be held around two clusters of new venues; an Olympic Park was constructed in Sochi’s Imeretinsky Valley on the coast of the Black Sea, with Fisht Olympic Stadium and the Games’ indoor venues located within walking distance, and snow events will be held in the resort settlement of Krasnaya Polyana.

Sochi 2014 Winter Olympics Game Medals and Winner

Medal count

Rank Country Gold Silver Bronze Total
1 Russian Fed. 13 11 9 33
2 Norway 11 5 10 26
3 Canada 10 10 5 25
4 United States 9 7 12 28
5 Netherlands 8 7 9 24
6 Germany 8 6 5 19
7 Switzerland 6 3 2 11
8 Belarus 5 0 1 6
9 Austria 4 8 5 17
10 France 4 4 7 15
11 Poland 4 1 1 6
12 China 3 4 2 9
13 Korea 3 3 2 8
14 Sweden 2 7 6 15
15 Czech Republic 2 4 2 8
16 Slovenia 2 2 4 8
17 Japan 1 4 3 8
18 Finland 1 3 1 5
19 Great Britain 1 1 2 4
20 Ukraine 1 0 1 2
21 Slovakia 1 0 0 1
22 Italy 0 2 6 8
23 Latvia 0 2 2 4
24 Australia 0 2 1 3
25 Croatia 0 1 0 1
26 Kazakhstan 0 0 1 1
Albania 0 0 0 0
Andorra 0 0 0 0
Argentina 0 0 0 0
Armenia 0 0 0 0
Azerbaijan 0 0 0 0
Belgium 0 0 0 0
Bermuda 0 0 0 0
Bosnia and Herzegovina 0 0 0 0
Brazil 0 0 0 0
Bulgaria 0 0 0 0
Cayman Islands 0 0 0 0
Chile 0 0 0 0
Chinese Taipei 0 0 0 0
Cyprus 0 0 0 0
Denmark 0 0 0 0
Dominica 0 0 0 0
Estonia 0 0 0 0
Georgia 0 0 0 0
Greece 0 0 0 0
Hong Kong, CHN 0 0 0 0
Hungary 0 0 0 0
Iceland 0 0 0 0
Independent Olympic Participant 0 0 0 0
India 0 0 0 0
IR Iran 0 0 0 0
Ireland 0 0 0 0
Israel 0 0 0 0
Jamaica 0 0 0 0
Kyrgyzstan 0 0 0 0
Lebanon 0 0 0 0
Liechtenstein 0 0 0 0
Lithuania 0 0 0 0
Luxembourg 0 0 0 0
Malta 0 0 0 0
Mexico 0 0 0 0
Monaco 0 0 0 0
Mongolia 0 0 0 0
Montenegro 0 0 0 0
Morocco 0 0 0 0
Nepal 0 0 0 0
New Zealand 0 0 0 0
Pakistan 0 0 0 0
Paraguay 0 0 0 0
Peru 0 0 0 0
Philippines 0 0 0 0
Portugal 0 0 0 0
Rep. of Moldova 0 0 0 0
Romania 0 0 0 0
San Marino 0 0 0 0
Serbia 0 0 0 0
Spain 0 0 0 0
Tajikistan 0 0 0 0
Thailand 0 0 0 0
The Former Yugoslav Republic of Macedonia 0 0 0 0
Timor-Leste 0 0 0 0
Togo 0 0 0 0
Tonga 0 0 0 0
Turkey 0 0 0 0
Uzbekistan 0 0 0 0
Venezuela 0 0 0 0
Virgin Isl, B 0 0 0 0
Virgin Isl, US 0 0 0 0
Zimbabwe 0 0 0 0

List of All Winter Olympics Game Medals and Winner Before Sochi 2014

Rank Country Gold Silver Bronze Total
1 Norway 107 106 90 303
2 United States 87 95 71 253
3 USSR 78 57 59 194
4 Germany 68 72 48 188
5 Austria 55 70 76 201
6 Canada 52 45 48 145
7 Sweden 48 33 48 129
8 Switzerland 44 37 46 127
9 Finland 41 59 56 156
10 GDR 39 36 35 110
11 Italy 37 32 37 106
12 Russian Fed. 36 29 26 91
13 Netherlands 29 31 26 86
14 France 27 27 40 94
15 Korea 23 14 8 45
16 FRG 13 15 13 41
17 China 9 18 17 44
18 Japan 9 13 15 37
19 Unified Team 9 6 8 23
20 Great Britain 9 3 10 22
21 Olympic United Team of Germany 8 6 5 19
22 Czech Republic 5 5 6 16
23 Australia 5 1 3 9
24 Croatia 4 5 1 10
25 Estonia 4 2 1 7
26 Czechoslovakia 2 8 15 25
27 Poland 2 6 6 14
28 Liechtenstein 2 2 5 9
29 Belarus 1 4 4 9
31 Bulgaria 1 2 3 6
30 Kazakhstan 1 3 2 6
=33 Belgium 1 1 3 5
=33 Ukraine 1 1 3 5
32 Slovakia 1 2 1 4
35 Spain 1 0 1 2
36 Uzbekistan 1 0 0 1
38 Slovenia 0 2 5 7
39 Hungary 0 2 4 6
37 Yugoslavia 0 3 1 4
40 Latvia 0 2 1 3
42 DPR Korea 0 1 1 2
41 Luxembourg 0 2 0 2
45 Romania 0 0 1 1
=43 Denmark 0 1 0 1
=43 New Zealand 0 1 0 1

How to Improve SEO?


Rodin's The Thinker (1879–1889)

Rodin’s The Thinker (1879–1889) is among the most recognized works in all of sculpture.

What do you need to improve SEO?
;-0

To improve SEO you need 3 (three) simple things.

1) learn how to read

2) learn to understand what you read

3) Most important – Implement the way it meant in your reading (2) material.
Not just the way you got it.
Reading help to understand many things ;-)
Understanding help even better!

Nothing better for SEO then read and understand Webmaster Guidelines from Both Google and Bing whatever shorter.
But you need to understand it, not guess, not got it, not realize, not recognize some words that you know.

No matter how much and how ofter you talked about it.
How wonderful, beautiful, colorful graphs you looked at.
If you have no idea of what they meant, or how to use them better go to art gallery.

Understating and most important implementations is the key.

to learn more about how Google fight spam and report spammers use those links:
https://www.google.com/webmasters/tools/spamreport?hl=en
https://support.google.com/webmasters/answer/93713?hl=en
https://support.google.com/webmasters/answer/93713?hl=en
https://support.google.com/websearch/answer/142143?hl=en&rd=1
https://www.google.com/webmasters/tools/spamreportform-ac?hl=en

Removing Content From Google

https://support.google.com/legal/troubleshooter/1114905?rd=1#ts=1115655

Want to report more webspam?

Go to the webspam report form, or install the Chrome Webspam Report Extension, which allows you to report spam with one click from the search results page.
Want to improve your search experience?

Need help visit my site: youneeditall.com and send me email

it was time to add post to my blog, so i did it Blah-blah-blah