Forget-Me-Not Posted April 10, 2014 Share Posted April 10, 2014 I'm surprised there are no threads about this (unless I've overlooked one)!http://m.washingtonpost.com/news/morning-mix/wp/2014/04/09/heartbleed-what-you-should-know/ Thoughts? Quote Link to comment Share on other sites More sharing options...
gaillardia Posted April 10, 2014 Share Posted April 10, 2014 I think about this. It is creepy. I don't understand a lot of what can go on behind the scenes within our computers and with the servers. I do know that because of business sites I click on to check out products for sale, later when I'm on other websites, because of being tracked, that company or product's company will have an advertisement off the side of the product I was interested in, on other websites I may get on. It is called native advertising. It ticks me off but I guess I could always be stealth surfing (incognito). That is another topic also. A lot of people use incognito so their surfing can't be traced and I can think of a few reasons why people use that function, some good reasons, some bad. But that isn't what the article is about...someone told me to always make sure that https: is what I'm using on various websites to protect my security. Quote Link to comment Share on other sites More sharing options...
Mrs Mungo Posted April 10, 2014 Share Posted April 10, 2014 My uncle (a top notch computer engineer) posted something about it on Facebook, but I can't copy and paste it from my phone. I will paste his "what to do" when I get to my actual computer. Quote Link to comment Share on other sites More sharing options...
Seasider Posted April 10, 2014 Share Posted April 10, 2014 My uncle (a top notch computer engineer) posted something about it on Facebook, but I can't copy and paste it from my phone. I will paste his "what to do" when I get to my actual computer. Can you share your initial impression? This is a real problem versus this is something to be aware of but not freak out over? Quote Link to comment Share on other sites More sharing options...
Mrs Mungo Posted April 10, 2014 Share Posted April 10, 2014 Can you share your initial impression? This is a real problem versus this is something to be aware of but not freak out over? My impression: This is a real problem. You should take steps to protect yourself, but you don't need to panic. I will paste the steps he gave in a bit. Quote Link to comment Share on other sites More sharing options...
Liz CA Posted April 10, 2014 Share Posted April 10, 2014 The article explained very well what is going on. I am not surprised. This kind of thing is bound to happen more frequently as we conduct more and more transactions online in addition to blogging, emailing, posting on sites, etc. Quote Link to comment Share on other sites More sharing options...
Forget-Me-Not Posted April 10, 2014 Author Share Posted April 10, 2014 Yes. I take steps to make sure my data is secure, but I never, ever assume that anything is airtight. Quote Link to comment Share on other sites More sharing options...
Luckymama Posted April 10, 2014 Share Posted April 10, 2014 We're changing passwords as we are notified of changes made to servers. Quote Link to comment Share on other sites More sharing options...
Kim in Appalachia Posted April 10, 2014 Share Posted April 10, 2014 I've been working on changing my passwords, but I have so many! And after I changed a few, I read that I should have waited till I knew those sites dealt with the issue. It's a good habit to change passwords regularly, but I hate doing that. We've had so many computer issues lately. My boys now play Minecraft on our PCs and we're getting all kinds of junk on our computers. Quote Link to comment Share on other sites More sharing options...
Dana Posted April 10, 2014 Share Posted April 10, 2014 Dh works in IT. It's a real problem. I'll be changing all my passwords (sigh). Amazon was affected. There's no way to know if your data was stolen. There are some websites that give updates on whether the bug has been patched on sites. It's pointless to change passwords on a site that hasn't been patched (or you'll have to change your password again after the site is patched). This exploit has been around for a while. There's no way to know if your info has been stolen. Change passwords and use strong passwords. Quote Link to comment Share on other sites More sharing options...
PinkyandtheBrains. Posted April 10, 2014 Share Posted April 10, 2014 Here is a starter list:http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/ Quote Link to comment Share on other sites More sharing options...
Liz CA Posted April 10, 2014 Share Posted April 10, 2014 The lists have conflicting info. One of the lists says Google (Gmail) and Amazon were not affected; the other website lists them as affected but having patched it. Quote Link to comment Share on other sites More sharing options...
PinkyandtheBrains. Posted April 10, 2014 Share Posted April 10, 2014 The lists have conflicting info. One of the lists says Google (Gmail) and Amazon were not affected; the other website lists them as affected but having patched it. I agree, I would recommend changing all passwords, and doing so again in a few months as the remainder of vulnerable systems are patched. Quote Link to comment Share on other sites More sharing options...
nmoira Posted April 10, 2014 Share Posted April 10, 2014 This would be an excellent time to add 2-step authentication to your Google account if you haven't already. A text message or voice call is made to your trusted phone each time you log in in to Google services from a new device with a passcode (in addition to your password) to enter before access is allowed. Quote Link to comment Share on other sites More sharing options...
emzhengjiu Posted April 10, 2014 Share Posted April 10, 2014 Thankfully my 17 yo DD found out about this bug before it was in the news! I'm happy to have a computer savvy teen around. She's feeling good about herself and a bit smart about now to have let me know early. :tongue_smilie: I'm changing all my passwords in about a week, unless my daughter tells me otherwise. It's a scary issue. Quote Link to comment Share on other sites More sharing options...
ChocolateReignRemix Posted April 10, 2014 Share Posted April 10, 2014 I agree, I would recommend changing all passwords, and doing so again in a few months as the remainder of vulnerable systems are patched. Changing a password before a site is patched will not be of any help. Quote Link to comment Share on other sites More sharing options...
Lovelace Posted April 10, 2014 Share Posted April 10, 2014 It is serious but no sense panicking about it. This vulnerability is around two years old. Any site that you log into that is https for any part of the website you should email them and make sure either that 1.) they weren't vulnerable or 2.) a patch has been applied. Then change your password. Don't use any password that you've used in the last two years and use different passwords for each site. Use symbols, numbers and characters and make it long. Quote Link to comment Share on other sites More sharing options...
G5052 Posted April 10, 2014 Share Posted April 10, 2014 I agree, I would recommend changing all passwords, and doing so again in a few months as the remainder of vulnerable systems are patched. This is what I'm hearing. Change everything, then do it again this summer. Maybe that's overkill, but it is serious. Quote Link to comment Share on other sites More sharing options...
carriede Posted April 10, 2014 Share Posted April 10, 2014 Hmmm 30+ new multiple character, easy to remember yet hard to decipher passwords? Bring it! I needed to update my passwords sheet anyway. Quote Link to comment Share on other sites More sharing options...
felicity Posted April 10, 2014 Share Posted April 10, 2014 I'm using the first letters if random song or book titles. The long ones of course. Quote Link to comment Share on other sites More sharing options...
Jane in NC Posted April 10, 2014 Share Posted April 10, 2014 Those who like xkcd will want to see this:http://xkcd.com/ Quote Link to comment Share on other sites More sharing options...
Dana Posted April 10, 2014 Share Posted April 10, 2014 Those who like xkcd will want to see this:http://xkcd.com/ I sent that one to my husband Wednesday morning. Tuesday night he'd asked me to stay offline from anything sensitive. He thinks he's fixed what was needed at their office. Quote Link to comment Share on other sites More sharing options...
Mrs Mungo Posted April 10, 2014 Share Posted April 10, 2014 This is what he said:It's International Web Password Change Day! Brought to you by HEARTBLEED the vulnerability that doesn't infect you, but most web sites have an account on.Make a list of all the sites you have an account on and check them at the link below. If a site returns "fixed or unaffected" CHANGE YOUR PASSWORD and cross it off the list. If a site returns anything else, check it the next day until it says "fixed or unaffected" then change your password. Do this until you cross off all the sites on your list.If you have an Android phone/tablet, get the Bluebox Heartbleed Scanner app from the Google Play store to check if you are using any Apps that are affected.http://filippo.io/Heartbleed/ Quote Link to comment Share on other sites More sharing options...
twoxcell Posted April 10, 2014 Share Posted April 10, 2014 I agree, I would recommend changing all passwords, and doing so again in a few months as the remainder of vulnerable systems are patched. Ugh, am I the only one who has a hard time thinking of passwords in the first place? How am I supposed to remember them if I keep changing them? :leaving: I hate passwords. Quote Link to comment Share on other sites More sharing options...
carriede Posted April 10, 2014 Share Posted April 10, 2014 Ugh, am I the only one who has a hard time thinking of passwords in the first place? How am I supposed to remember them if I keep changing them? :leaving: I hate passwords. I don't know if this is a sound method or not but... I have a "base" password that I use for ALL websites. For the sake of simplicity, let's say my base password is Kitty5. Then for each account I have, I have a "prefix" that is associated with that particular site, usually it's name. So for pinterest.com, the prefix might be Pin or Pinterest. So the WHOLE password becomes prefix+base, so PinterestKitty5. Then Gmail might be GmailKitty5. Quote Link to comment Share on other sites More sharing options...
Guest Posted April 10, 2014 Share Posted April 10, 2014 I just reset most of mine and I am never going to be able to get back on anything, lol. Quote Link to comment Share on other sites More sharing options...
5of5 Posted April 11, 2014 Share Posted April 11, 2014 It's good advice to use the link provided up thread: http://filippo.io/Heartbleed/ To check any important site that hasn't already been identified. I just discovered a banking account that is exposed! Quote Link to comment Share on other sites More sharing options...
Seasider Posted April 11, 2014 Share Posted April 11, 2014 Thanks for all the links and helpful info. Now I'm off to make my list of sites and dream up new passwords. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.