Jump to content

Menu
Giving You and Your Child a Road Map to the Best Possible Education
The Well-Trained Mind Community

The Heartbleed Bug

Forget-Me-Not

By Forget-Me-Not,
in The Chat Board

 Share

Recommended Posts

gaillardia

gaillardia

Posted
Posted

I think about this. It is creepy. I don't understand a lot of what can go on behind the scenes within our computers and with the servers. I do know that because of business sites I click on to check out products for sale, later when I'm on other websites, because of being tracked, that company or product's company will have an advertisement off the side of the product I was interested in, on other websites I may get on. It is called native advertising. It ticks me off but I guess I could always be stealth surfing (incognito). That is another topic also. A lot of people use incognito so their surfing can't be traced and I can think of a few reasons why people use that function, some good reasons, some bad.

But that isn't what the article is about...someone told me to always make sure that https: is what I'm using on various websites to protect my security.

Link to comment
Share on other sites
Seasider

Seasider

Posted
Posted

My uncle (a top notch computer engineer) posted something about it on Facebook, but I can't copy and paste it from my phone. I will paste his "what to do" when I get to my actual computer.


Can you share your initial impression? This is a real problem versus this is something to be aware of but not freak out over?
Link to comment
Share on other sites
Mrs Mungo

Mrs Mungo

Posted
Posted

Can you share your initial impression? This is a real problem versus this is something to be aware of but not freak out over?

My impression:

This is a real problem. You should take steps to protect yourself, but you don't need to panic.

I will paste the steps he gave in a bit.
Link to comment
Share on other sites
Kim in Appalachia

Kim in Appalachia

Posted
Posted

I've been working on changing my passwords, but I have so many!  And after I changed a few, I read that I should have waited till I knew those sites dealt with the issue.  

 

It's a good habit to change passwords regularly, but I hate doing that. 

 

We've had so many computer issues lately.  My boys now play Minecraft on our PCs and we're getting all kinds of junk on our computers.  

Link to comment
Share on other sites
Dana

Dana

Posted
Posted

Dh works in IT.
It's a real problem.

I'll be changing all my passwords (sigh).
Amazon was affected.
There's no way to know if your data was stolen.

There are some websites that give updates on whether the bug has been patched on sites.
It's pointless to change passwords on a site that hasn't been patched (or you'll have to change your password again after the site is patched).

This exploit has been around for a while. There's no way to know if your info has been stolen.
Change passwords and use strong passwords.

Link to comment
Share on other sites
nmoira

nmoira

Posted
Posted

This would be an excellent time to add 2-step authentication to your Google account if you haven't already. A text message or voice call is made to your trusted phone each time you log in in to Google services from a new device with a passcode (in addition to your password) to enter before access is allowed.

 

Link to comment
Share on other sites
emzhengjiu

emzhengjiu

Posted
Posted

Thankfully my 17 yo DD found out about this bug before it was in the news!  I'm happy to have a computer savvy teen around.  She's feeling good about herself and a bit smart about now to have let me know early.  :tongue_smilie:

 

I'm changing all my passwords in about a week, unless my daughter tells me otherwise.  It's a scary issue.

Link to comment
Share on other sites
Lovelace

Lovelace

Posted
Posted

It is serious but no sense panicking about it.  This vulnerability is around two years old.  Any site that you log into that is https for any part of the website you should email them and make sure either that 1.) they weren't vulnerable or 2.) a patch has been applied.  Then change your password.

 

Don't use any password that you've used in the last two years and use different passwords for each site.  Use symbols, numbers and characters and make it long.

Link to comment
Share on other sites
G5052

G5052

Posted
Posted

I agree, I would recommend changing all passwords, and doing so again in a few months as the remainder of vulnerable systems are patched.

 

This is what I'm hearing.  Change everything, then do it again this summer.  Maybe that's overkill, but it is serious.

Link to comment
Share on other sites
Mrs Mungo

Mrs Mungo

Posted
Posted

This is what he said:

It's International Web Password Change Day! Brought to you by HEARTBLEED the vulnerability that doesn't infect you, but most web sites have an account on.

Make a list of all the sites you have an account on and check them at the link below. If a site returns "fixed or unaffected" CHANGE YOUR PASSWORD and cross it off the list. If a site returns anything else, check it the next day until it says "fixed or unaffected" then change your password. Do this until you cross off all the sites on your list.

If you have an Android phone/tablet, get the Bluebox Heartbleed Scanner app from the Google Play store to check if you are using any Apps that are affected.

http://filippo.io/Heartbleed/

Link to comment
Share on other sites
twoxcell

twoxcell

Posted
Posted

 

I agree, I would recommend changing all passwords, and doing so again in a few months as the remainder of vulnerable systems are patched.

Ugh, am I the only one who has a hard time thinking of passwords in the first place? How am I supposed to remember them if I keep changing them? :leaving: I hate passwords.

Link to comment
Share on other sites
carriede

carriede

Posted
Posted

Ugh, am I the only one who has a hard time thinking of passwords in the first place? How am I supposed to remember them if I keep changing them? :leaving: I hate passwords.


I don't know if this is a sound method or not but...

I have a "base" password that I use for ALL websites. For the sake of simplicity, let's say my base password is Kitty5.

Then for each account I have, I have a "prefix" that is associated with that particular site, usually it's name. So for pinterest.com, the prefix might be Pin or Pinterest. So the WHOLE password becomes prefix+base, so PinterestKitty5. Then Gmail might be GmailKitty5.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...