Heart Bleed bug
- Thread starter Salma
- Start date
30
Salma,
That bug pertains to government websites only. This site has no affiliation - therefore your passwords and/or information are safe.
That bug pertains to government websites only. This site has no affiliation - therefore your passwords and/or information are safe.
20
Unfortunately, you are incorrect in that it affected only government sites.
http://www.cbc.ca/news/technology/heartbleed-web-security-bug-what-you-need-to-know-1.2603988
It affected more than two thirds of all existing websites on the internet - any site that uses OpenSSL encryption. The list of affected sites is endless so far. The most commonly known example is the CRA website hack but that does NOT mean government only. Yahoo (and ALL of its services), Google (and ALL of their services including youtube, gmail, google+, etc.), Facebook, Instagram, Pinterest, Amazon, most email or social networking sites, Skype, etc, etc.
A simple google search will yield article upon article about this "disaster" and how to check which sites were affected.
If this site uses OpenSSL encryption then it was vulnerable as well. Please look into this as heart bleed is an EXTREMELY dangerous bug that has been lingering around the internet for the last 2 years until it was detected last week.
Your IT people should be checking the servers for any encryption vulnerabilities and then applying the necessary patch to eliminate this type of threat in the future.
30
Salma,
Thanks for the full posting pertaining to the bug. You are correct - not only are gov't sites effected - they are just some of the "top" sites which are. Remaining sites effected by this bug are basically (but not limited to) the top "1000" websites searched in the world. As you mentioned - the likes of MSN/Yahoo etc.
Although this site is fantastic - it sure isn't one of the top 1000. Admin is aware of the issue. And if you feel your account is threatened - perhaps refrain from logging in for awhile or do so sporadically. As many of our members are aware - this forum has been "hacked" quite a few times in the past year. The consensus and concern with our members was to get the site back up and running as soon as possible - not so much about our alias identities being hacked.
Fingers crossed the site stays intact - we had enough down time already (knocking on wood now....)
20
I, too, hope this site does not have any other difficulties as it is an invaluable source of information for our industry that cannot be found anywhere else.
I'm not concerned about our aliases on this specific site being hacked. Maybe I wasn't able to explain myself well enough in my previous post. I was only referring to the "bigger picture" of this whole mess. Basically, if anyone uses their username and password to log onto any one of the millions of possible sites affected, the "bug" is then able to start reading personal info from that users internet browser (Firefox, IE, Chrome, etc...) exposing ALL of the stored usernames and passwords that have been used by that person for at least the past 2 years. This is the actual exposure that is causing such a panic. Essentially one vulnerable site gives the hackers access to ALL of your username and passwords.
I was not attacking this particular site or saying it's a bad site - just voicing a general concern and trying to educate those who don't know much about this bug. Up until a few days ago, I knew absolutely nothing about it at all.
Just a side note for anyone that is interested......... apparently Firefox is the WORST browser to use since it stores ALL of your saved usernames and passwords in a drop-down menu right in the toolbar itself. Pretty scary stuff.........
Anyone who uses Chrome, luckily, is saved from all of this.
30
I'm happy Salma that we have someone like you to pose these types of questions. You are 100% right - scary indeed.
In mentioning Firefox - there is an option to NOT STORE any personal data. Basically any site that you visit in Firefox and then leave - so goes your data also - like an email address or "blanked" out **** password. If you Google where to find the steps to do so (which I just discovered a couple weeks back for my home computer) - it is quite easy. Just not an easy "find" if you don't know what you are looking for.
I have not received anything regarding this site nor has operation been effected. So I would go on that premise - no news from ADMIN is good news.
Thanks Salma for being concerned about the members - this forum and and our privacy protection.
On another note - with all the passwords I carry with me...in my brain...on a daily basis - I am terrified of bumping my head...and forgetting them all!!! I would be in trouble...big trouble....
In mentioning Firefox - there is an option to NOT STORE any personal data. Basically any site that you visit in Firefox and then leave - so goes your data also - like an email address or "blanked" out **** password. If you Google where to find the steps to do so (which I just discovered a couple weeks back for my home computer) - it is quite easy. Just not an easy "find" if you don't know what you are looking for.
I have not received anything regarding this site nor has operation been effected. So I would go on that premise - no news from ADMIN is good news.
Thanks Salma for being concerned about the members - this forum and and our privacy protection.
On another note - with all the passwords I carry with me...in my brain...on a daily basis - I am terrified of bumping my head...and forgetting them all!!! I would be in trouble...big trouble....
20
Thanks for the info! I will definitely look into Firefox settings.
I know what you mean......... I'm in the same boat!
[EMAIL said:AccountsReceivable@DRC, post: 48720, member: 68[/EMAIL]]
On another note - with all the passwords I carry with me...in my brain...on a daily basis - I am terrified of bumping my head...and forgetting them all!!! I would be in trouble...big trouble....
I know what you mean......... I'm in the same boat!