Recipe: Get your contacts back after you lost your phone

You lost your phone, and all your contacts are gone? Use rogr.io, to get them all back—hassle-free, and without having to piece together information from hundreds of emails, texts, and Facebook comments.

Create the fetch

• Go to rogr.io and log in (or sign up if you don't have an account yet).
• Click on the outbox and create a new fetch by clicking on the green plus symbol.

• Skip the first section, and click on Basic Information to complete that section with a title and a short description for your contacts to see.

• Now scroll down and click on the Data section. Fill it out similar to what is shown below—you can change the data elements (KPIs in rogr.io) to your liking. Maybe add a data element for the Skype user name?
  In case you added an element by mistake, remove it with the cross/trash symbol on the right-hand side.

• Click on Go Fetch It at the top to finish your work. You should see the fetch in your workspace now. Now, we need to create an access link. Click on the title ("Felix' phone book" in my example) to open the fetch again.

• Click on Public invite link to get a link. That's your public invite link for this fetch. Everybody who has the link can provide their data to you. Post it to your Facebook, for example.

Now, you can sit back and relax. Your friends can provide you their contact data, and they don't even have to create an account!

Get the results

Whenever you're curious about the progress, just log in to rogr.io again, and open the fetch. You'll see the status of everybody who has replied. Click on Export to Excel (simple) to download it all and use it in your Android phone (Google Contacts), Outlook, or your iPhone.

• Android (Google Contacts): Open the Excel file, save it as a CSV file and then import into Google.
• Outlook: Follow the instructions to import into Outlook.
• iPhone: Open the Excel file, save it as a CSV file and then import into your iPhone.

Heartbleed

What is the Heartbleed Bug?

A bug is an programming error in software. This one is so relevant, that it got its own name, "heartbleed". It's a flaw in an encryption module that is used all over the internet. Many secure web servers use it to encrypt the communication with their users, and an estimated 17% of those public servers are vulnerable to the attack, allowing attackers to break the encryption and even get their hands on confidential information on those servers (including the servers' keys and certificates)—without leaving a trace.

The bug was discovered on Apr 3, 2014 and publicly announced four days later, but it existed in the software since December of 2011.

What are the consequences?

There is a software update available to close the vulnerability, and many affected companies have already installed it. Nevertheless, your information on the affected servers could have been accessed by attackers for almost two years. Even after fixing the bug, attackers might have continued access to your data if they stole your password. Allegedly, the NSA has been using the exploit, there might be others.

Is rogr.io affected?

Yes, our service used the encryption module vulnerable by heartbleed. We've closed the bug on Apr 7, 2014 and are deploying new server certificates.

What should I do?

• Find out if the services you're using have been affected.

• Watch communication messages in your email and see blog posts and other communication.
• Find a list of the major players affected here: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/.
• Contact other services that manage confidential data of you.

• Change your passwords on the affected sites, but only after the bug has been fixed.
• Enable 2-factor authentication wherever possible.

In which order should I change my passwords?

• Many services rely on your email to reset passwords or authenticate information. Therefore, first re-establish secure email access in case it was compromised (e.g., Gmail).
• After this, change your passwords on affected sites, but, as mentioned before, only after the web site en question has fixed the heartbleed bug.
• As a safety measure, we recommend the following two additional steps:
• If you're using 2-factor authentication, disable it and then enable it again, forcing the server to store your credentials again.
• Enable 2-factor authentication on all web sites that offer it (e.g., Google, Facebook, Outlook.com, AWS, Tumblr).

Sources:

1. http://heartbleed.com/
2. http://techcrunch.com/2014/04/07/massive-security-bug-in-openssl-could-effect-a-huge-chunk-of-the-internet/
3. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html
4. http://arstechnica.com/security/2014/04/private-crypto-keys-are-accessible-to-heartbleed-hackers-new-data-shows/
5. http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
6. http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
7. http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html