Passwords you need to change - Input Junkie
Passwords you need to change|http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
The very short version: a number of very respectable major websites had a security flaw which made them quite vulnerable. Now that they've fixed the flaw you should change your password for those sites.A lot more detail.
Links thanks to andrewducker
This entry was posted at http://nancylebov.dreamwidth.org/1044315.html
. Comments are welcome here or there.
comments so far on that entry.
This is BAD. Very very bad. SSL is every-darn-where. The mashable list only mentions really major websites, but many, many smaller websites use it. And oh boy is this easy to do until a patch is applied.
Assume No Such Agency, Russian state spy agencies, Chinese state spy agencies and various criminal organizations have all used this flaw to gather masses of data. And likely this includes encryption keys. For most of us, the criminals pose more of an immediate threat to our financial wellbeing, and the security agencies more of an existential & symbolic threat, but it's all bad, bad, bad.
|Date:||April 14th, 2014 03:45 pm (UTC)|| |
On reading the article I notice that it is not all SSL, merely one particular part of one type of SSL called OpenSSL. Thank you for the first link though because I now know which passwords I *do* need to change.