Jump to content



Recommended Posts

G. David Felt

Alternative Fuels & Propulsion writer



In the news of the last 48hrs has been the story about the large hole in SSL or what is known as Secure Socket Layer.

I don’t usually talk about network security around here, but this vulnerability almost certainly affects you.

Whenever you buy anything online, most often, that transaction is encrypted using Secure Socket Layer (SSL). If you’re on a site such as Amazon, then you go to the shopping cart or checkout, at the top of the URL you’ll see http:// change to https://. That is generally an indicator that SSL encryption is protecting your credit card data.

Turns out there has been a massive hole in a specific implementation of SSL. On some sites, all your “encrypted private data” has been clear and open for attackers to see.

If you don’t want your identity hijacked, and ESPECIALLY if you have credit card data on these sites, you should change your password TODAY on Facebook, Twitter, and with Apple (e.g, iTunes). I happen to have a GoDaddy domain, so I need to change my password with GoDaddy, too. If you have a TurboTax or Dropbox password, those should be changed, too.

For a list of major vendors who have been vulnerable AND have installed the fix, see:


Because SSL is so foundational to e-commerce sites, some vulnerable sites need time in order to install the fix. That means if you change your password to fool attackers on a site that has not yet installed the fix, you’re just giving the attackers your new passwords. If a site where you have an account sends you an email about the Heartbleed bug, take note! Meanwhile, be more diligent than usual about watching your e-shopping transactions!

Full Details about the Heartbleed bug can be read here: http://heartbleed.com/

Link to comment
Share on other sites

Join the conversation

You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

About us

CheersandGears.com - Founded 2001

We ♥ Cars

Get in touch

Follow us

Recent tweets


  • Create New...