Open SSL viruse - change those passwords!

[tadink]

There has been a major breech in security around OPEN SSL - a way of keeping your data secure on ALL the sites we all use. sigh.

This info-graphic is pretty useful for determining which of your accounts you probably need to address - which is probably most of them!

http://venturebeat.files.wordpress.com/2014/04/lwg_heartbleed.jpg

be safe!

td

[mikester]

Don't change your passwords until whatever institution you're worried about has told you they have fixed their side. If you change your password before that you're just giving up your new password too.

[masraum]

Quote:

Originally Posted by mikester

Don't change your passwords until whatever institution you're worried about has told you they have fixed their side. If you change your password before that you're just giving up your new password too.

+1000

If you change your password, but the site hasn't been fixed yet, then you have just potentially handed your new password to the baddies.

[tadink]

This was posted on VentureBeat - a site I also frequent - I would imagine that ALL the updates that were needed to have been made to cover up this flaw would have already been made - the IT crowd is pretty quick on this stuff - but use your own best judgement.....

"The Heartbleed security flaw was fixed in the newest version of OpenSSL, but you should still change your passwords on all of the sites affected by the bug.

If you’re still not sure which sites were affected, we have the perfect chart for you, created by the “digital forensic specialists” at LWG Consulting. Every site from Facebook and Google to Pinterest and Flickr was affected. Luckily, many financial institutions were not."

[masraum]

From http://xkcd.org/