Forums
New posts
Articles
Product Reviews
Policies
FAQ
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Menu
Log in
Register
Install the app
Install
Forums
General Discussions
Security Awareness
Heartbeat OpenSSL bug does not affect OSX.
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="chas_m" data-source="post: 1577755"><p>Now that a few days have passed, some dust has settled and things seem clearer.</p><p></p><p>The OpenSSL bug allowed attackers who were monitoring a site to "see" the contents of RAM for a while after you've input login credentials. That's a serious flaw, but your risk of this happening to you individually seems, to me, pretty low.</p><p></p><p>Mashable has a list of <a href="http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/" target="_blank">"sites where you should change your password"</a> such as Yahoo (ie, they have patched the issue but were using OpenSSL and thus your password MIGHT have been compromised. Maybe. Possibly.)</p><p></p><p>Banks (and Apple, and Microsoft) don't use OpenSSL, so its a non-issue with them (as you can see from the Mashable page).</p><p></p><p>If you use iCloud keychain or 1Password or a program like that, this is an excellent opportunity to change your password from something old and weak to something new and strong. Take advantage of that.</p></blockquote><p></p>
[QUOTE="chas_m, post: 1577755"] Now that a few days have passed, some dust has settled and things seem clearer. The OpenSSL bug allowed attackers who were monitoring a site to "see" the contents of RAM for a while after you've input login credentials. That's a serious flaw, but your risk of this happening to you individually seems, to me, pretty low. Mashable has a list of [URL="http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/"]"sites where you should change your password"[/URL] such as Yahoo (ie, they have patched the issue but were using OpenSSL and thus your password MIGHT have been compromised. Maybe. Possibly.) Banks (and Apple, and Microsoft) don't use OpenSSL, so its a non-issue with them (as you can see from the Mashable page). If you use iCloud keychain or 1Password or a program like that, this is an excellent opportunity to change your password from something old and weak to something new and strong. Take advantage of that. [/QUOTE]
Verification
Post reply
Forums
General Discussions
Security Awareness
Heartbeat OpenSSL bug does not affect OSX.
Top