We’re taking the Salsa Community Conference (now FUSE 2014) into a new stratosphere of learning, networking and successful online organizing. In addition to the great training, tech tips and networking that you’ve come to expect, this year’s conference will be bigger and better - and is open to anyone in the nonprofit world. We hope you can join us on August 6 and 7 in the Washington DC metro area for FUSE 2014.
Join hundreds of your nonprofit peers on a single mission - to ignite action and fuel change through successful online organizing. Learn more and register.
Chelsea Bassett Apr 09 • Salsa Labs / Commons Blog
You really should update your passwords across the internet. Why? Heartbleed.
It sounds terrible, doesn't it? An alarming name for a rather alarming bug with security encryption used on many many sites, you'll want to make sure to update any passwords that you use online so that your information is better protected from this point forward.
This bug is associated with certain versions of OpenSSL, a widely-used encryption software. You can read all about it here, but to address some Salsa-specific concerns, the good news is, the versions of OpenSSL that we use for our public resources (the pages and processes that you as a Salsa user or your supporters interact with) are not vulnerable. So when it comes to Salsa and Heartbleed, you don’t have to worry.
Though the OpenSSL versions that we use are not vulnerable, our systems team has decided to replace all of our SSL certificates over the next month as an added precaution.
Our support team has also received a few questions about how your gateway processors might be affected. We recommend that you contact your gateway provider (Authorize.net, FirstData, DemocracyEngine or PayPal) directly with any concerns that may be unique to their accounts. But we can assure you that the OpenSSL encryption that Salsa uses for donation pages when passing data through our system to the gateway processors is not vulnerable to the Heartbleed bug.
Please contact email@example.com if you have any follow-up questions or concerns. And update your passwords. Now!