How An Earworm & Heartbleed Broke The Internet

Are your ears ringing? Does your heart skip a beat? Well, they should - as two divergent forms of malware attacked our online sense of well-being this week. Engineered by social media gurus on one front and hackers on the other, one was analogous to an American Idol trainwreck, while the other, the work of a nefarious cat burglar.

Please Stop The Music

In late March, "Let's Get Social," an ill-begotten rap anthem for social media types debuted at this year's Social Media Marketing World in San Diego. A mega-conference that attracted over 2000 marketers was the venue - and Mary McCoy, the self-proclaimed "A Capella and Pun Enthuisast" [according to her Twitter profile] was one of the perpetrators.

However Mary doesn't deserve all the credit [or lack thereof], the song's lyrics were penned by the director of the event, Phil Mershon, with music by composer Dave Curtis.

To say they received bad reviews would be kind. Slate's Dee Lockett called it a "pop anthem social media never knew it needed." Dusten Carlson at SocialNews Daily, opened his review with "Full Disclosure: 'Let's Get Social' is the worst thing you'll hear all day." While Connor Simpson at The Wire described it as "your aunt's Facebook wall put to song," Greg Moskovitch's Music Feeds review labeled it "the cringe-inducing ode to social media."

In addressing the misstep, even McCoy joined in with a little self-effacing humor  of her own:

How Will My Heart Go On?

Which bring us to the issue Heartbleed issue. While "Let's Get Social" might have led to an earworm [aka stuck-song syndrome], Hearbleed is a much-more serious affliction to our sensibilities.

It's unfortunately something that could affect a lot more than just the social media elite. From financial institutions to payment sites to Internet browsers, almost 80 percent of online software is potentially at risk.

This flaw in the Internet goes to the core of what makes sites perform their intended function while keeping users' data private and secure. To keep that info safe, encryption uses "keys" which are stored on your computer and with the client [the web app or server] where they function in the background automatically.

The security rules used  on the Web is known as Secure Sockets Layer [SSL] and OpenSSL is the one that's the most common. It's free and thousands of web services use it. According to some sources about two thirds of the Web runs on this protocol.

What's in a Name?

According to Washington Post's Caitlin Dewey, "part of Heartbleed’s scariness, and its shareability, springs from the weird poetry of its assumed name." Like other shorthand memes, a security firm called Codenomicon -- which claims its engineers were one of the first to detect the bug-- are also the ones responsible for naming and  branding it. On their "" website you can see they've even designed a logo. Working off the premise that "naming" a phenomenon will raise awareness, this website will walk you through the basics including their rationale behind the name.

Remedies for an Earworm & Heartbleed?

While the earworm is annoying, it's longevity can be shortened by listening to other music you enjoy. Others say just write the words of the song down backwards and sing the words as written. For instance, the lines "so we shoot our viral video and we post it to the Gram" should be sung as such: "Gram the to it post we and video viral our shoot we." [and "shoot we," we must!]

Heartbleed on the other hand is something much more serious. Codenomicon's website is a good place to start, but many other blog advisories suggest you change all of your passwords on secured sites.

Also, test to see which sites are vulnerable. LastPast has created a Web app where you can learn what kind of encryption a site uses, and when the encryption was last updated. Felippo has built a Web app that will test whether a site is still vulnerable to the Heartbleed bug. And Bluebox Security, a mobile security company, designed an app that will scan your Android phone to test whether it uses vulnerable versions of OpenSSL, either in its operating system or in any of your apps.

With a name like "Heartbleed," it's no surprise how serious this threat is. Like a leaky heart valve in humans that goes undetected and can lead to a blood clot and potential stroke, it is doubly dangerous because it may be too late before you know you've been affected.

From someone whose trying to get that ringing out of my head so I can remember all of my 100s of passwords, good luck to you all from the bottom of my heart [and ears]! May your prognosis be a healthy one!