Thread: "Heartbug" virus question:
View Single Post
mikester mikester is offline
Registered
 
mikester's Avatar
 
Join Date: Mar 2002
Location: My House
Posts: 5,346
Send a message via AIM to mikester
Quote:
Originally Posted by Paul_Heery View Post
If you are concerned about the sites you visit, Qualsys has updated their SSL test to check for Heartbleed vulns.

https://www.ssllabs.com/ssltest/index.html
Love those guys. Excellent link - thanks for that.

Basically if a site is using this version of OpenSSL for their encryption then someone can listen for the traffic, copy it, decrypt it and your username and password for that password might be in it.

If it is, well you could have given access to your bank to someone.

This is why two-factor authentication is so important for things that matter. If you had a regular password and then a one time password from somewhere else then getting the one password would not compromise you. The one time password you also have changes every time and you have some 'thing' either an app on your computer/smart device or a fob that creates the one time password. They would get that password which isn't good for more than one login.

Anyway.

I hate it when encryption bugs happen.
__________________
-The Mikester

I heart Boobies
Old 04-10-2014, 08:09 AM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #6 (permalink)