What's new

BEWARE: HEARTBLEED- new BUG affecting main sites like ....

MrsPeel

MrsPeel

LOVE LOVE LOVE!!!
Pollywog
Joined
May 7, 2012
Messages
22,332
...Yahoo and other big stuff but not exclusively, here is the article

http://www.cnet.com/uk/news/how-to-protect-yourself-from-the-heartbleed-bug/

edit to add: here is an ever better link with clickable list for worse affected/list/vulnerability

http://tech.firstpost.com/news-anal...pretty-much-every-online-password-221526.html

I would just change all passwords as a preventive meassure.

I thought I let you know as there were spammers around here too...

Hope everyone is well, apologies I haven't been able to catch up, I swear I'm trying my very best :(

Hugggzzz
 
Last edited:
Thanks for your message... I can't quite decide how to react to Heartbleed. I haven't changed any passwords yet, and am not sure I will at this stage. Tough call.
 
My thought is if it hasn't been fixed yet in all sites, aren't I just going to be changing my passwords constantly for the next while as each side implements fixes?
 
bestcee said:
My thought is if it hasn't been fixed yet in all sites, aren't I just going to be changing my passwords constantly for the next while as each side implements fixes?
Click to expand...

You should only change your passwords after affected sites have fixed the vulnerability, is what I was told. I use a password manager (LastPass) and if I run their security check feature it gives me a list of all the sites I can now change. I assume they just update it as sites fix the problem.
 
Peppermint said:
You should only change your passwords after affected sites have fixed the vulnerability, is what I was told. I use a password manager (LastPass) and if I run their security check feature it gives me a list of all the sites I can now change. I assume they just update it as sites fix the problem.
Click to expand...

Thanks for the tip about LastPass!

I too have heard that it's best to change passwords after any potential vulnerability has been resolved. I have been using a link provided by my host to check sites/servers for vulnerability. And then double checking with this link: http://filippo.io/Heartbleed/

Thankfully all my regular sites have been checking out as "safe" (including my bank, TLP, my personal site, etc etc). The "big" ones like Amazon and FB either reported they weren't affected or have also resolved the issue already.

Still this is another reminder to be diligent about pw updating!! :beat

eta: here is an ongoing list of some of the more frequently visited and popular sites: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/ It is listing whether they were impacted and whether or not they have patched the issue. It's important to know that if a site is still vulnerable, a pw change doesn't make a difference. And, more disturbingly "there is no guarantee your information wasn't already compromised".
 
Last edited:
Oooh that is great to know about LastPass. Just ran the check myself and did some updating!
 
Looks like the sites that I use are good... thank goodness! I did however change the passwords on the ones it said to change.
 
I got an email from Pintrest today saying they were affected. I didn't click the link in the email, because I'm virus paranoid, but did go to the site and change my email from my account settings.
 
Back
Top