1. Home
  2. Sewing Discussions
  3. [OT] Security bug

[OT] Security bug

Be careful out there!

formatting link
A newly discovered security bug nicknamed Heartbleed has exposed millions of usernames, passwords and reportedly credit card numbers - a major problem that hackers could have exploited during the more than two years it went undetected.

formatting link
The shortest version: You'll have to change all of your passwords, and temporarily avoid any site that is known to be vulnerable. That sounds a bit alarmist, we know, but now that internet and security experts know a little more about the security vulnerability, it's becoming more and more clear that Heartbleed is nothing to mess with.

formatting link
etc.

If you go to that last one, there is a link, so you can check the sites you use:

formatting link

Reply to
BEI Design
Loading thread data ...

I read this earlier today and it is my understanding that it's mostly aimed at Ubuntu users. But that's not to say it can't affect more of us. But the site I read it on said to keep a close eye on bank and credit card statements.

Reply to
ItsJoanNotJoann

ItsJoanNotJoann wrote: :On Thursday, April 10, 2014 12:13:56 PM UTC-5, BEI Design wrote: :> :> Be careful out there! :> :>

formatting link
:> :> :I read this earlier today and it is my understanding that it's mostly :aimed at Ubuntu users. But that's not to say it can't affect more of us. :But the site I read it on said to keep a close eye on bank and credit :card statements.

It's a server bug that made it possible for a remote attacker to retrieve the contents of the memory of the server. That means they could get the encryption keys used by that server, as well as passwords. The only sensible thing to do is change the password of every website you use.

Reply to
David Scheidt

Thanks for the web link. I started changing passwords last night. To add insult to injury our big desktop runs on Windows XP. even more reason to be extra careful. I asked DH not to use that computer for anything that requires a password. He's not a Happy Camper about that. Juno

Reply to
Juno

Juno, the recommendation is to wait a bit before changing passwords, as unless the sites you visit patch the security hole the miscreants still have access to the data, so they will just get your *new* password(s). :-(

From

formatting link
: But because each system administrator has to manually fix the problem, which takes time, there's really nothing you can do until the compromised sites are up and running with an updated version of OpenSSL, and a new security certificate in place - a "reset" of the encryption used to protect current and archived information on the server going forward. [...] Each site affected will have to do the same. Until then, stay away from those sites. It could take days, or longer, for vulnerable sites to recover from the bug.

I must have several DOZEN log-ons and passwords. I create a new discrete one for every site I visit that requires one (shopping, broker, bank, facebook, etc.). Each set is then stored in a password-protected text file on a thumb drive. After I make all the changes, I'll edit that file, too.

Reply to
BEI Design

Now he's really not a happy camper. since he got an iPad he's always checking everything. I keep telling him we can do things other ways. I should say I can do things other ways. He loves computers but I'm the one who has to make all the changes, because he doesn't thin he'll do it right. Some days it makes me a little crazy.

Reply to
Juno

InspirePoint website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.