Log in

No account? Create an account
Passwords you need to change - Input Junkie
April 10th, 2014
11:40 am


Previous Entry Share Next Entry
Passwords you need to change

The very short version: a number of very respectable major websites had a security flaw which made them quite vulnerable. Now that they've fixed the flaw you should change your password for those sites.

A lot more detail.

Links thanks to andrewducker.

This entry was posted at http://nancylebov.dreamwidth.org/1044315.html. Comments are welcome here or there. comment count unavailable comments so far on that entry.

(2 comments | Leave a comment)

[User Picture]
Date:April 11th, 2014 02:26 am (UTC)
This is BAD. Very very bad. SSL is every-darn-where. The mashable list only mentions really major websites, but many, many smaller websites use it. And oh boy is this easy to do until a patch is applied.

Assume No Such Agency, Russian state spy agencies, Chinese state spy agencies and various criminal organizations have all used this flaw to gather masses of data. And likely this includes encryption keys. For most of us, the criminals pose more of an immediate threat to our financial wellbeing, and the security agencies more of an existential & symbolic threat, but it's all bad, bad, bad.
[User Picture]
Date:April 14th, 2014 03:45 pm (UTC)
On reading the article I notice that it is not all SSL, merely one particular part of one type of SSL called OpenSSL. Thank you for the first link though because I now know which passwords I *do* need to change.
nancybuttons.com Powered by LiveJournal.com