Jump to content
  • Greetings Guest!

    CheersandGears.com was founded in 2001 and is one of the oldest continuously operating automotive forums out there.  Come see why we have users who visit nearly every day for the past 16+ years. Signup is fast and free, or you can opt for a premium subscription to view the site ad-free.

Sign in to follow this  
dfelt

HEARTBLEED BUG - It Affects YOU!

Recommended Posts

G. David Felt

Alternative Fuels & Propulsion writer

www.CheersandGears.com

post-12-0-49522600-1397163396_thumb.png

In the news of the last 48hrs has been the story about the large hole in SSL or what is known as Secure Socket Layer.

I don’t usually talk about network security around here, but this vulnerability almost certainly affects you.

Whenever you buy anything online, most often, that transaction is encrypted using Secure Socket Layer (SSL). If you’re on a site such as Amazon, then you go to the shopping cart or checkout, at the top of the URL you’ll see http:// change to https://. That is generally an indicator that SSL encryption is protecting your credit card data.

Turns out there has been a massive hole in a specific implementation of SSL. On some sites, all your “encrypted private data” has been clear and open for attackers to see.

If you don’t want your identity hijacked, and ESPECIALLY if you have credit card data on these sites, you should change your password TODAY on Facebook, Twitter, and with Apple (e.g, iTunes). I happen to have a GoDaddy domain, so I need to change my password with GoDaddy, too. If you have a TurboTax or Dropbox password, those should be changed, too.

For a list of major vendors who have been vulnerable AND have installed the fix, see:

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Because SSL is so foundational to e-commerce sites, some vulnerable sites need time in order to install the fix. That means if you change your password to fool attackers on a site that has not yet installed the fix, you’re just giving the attackers your new passwords. If a site where you have an account sends you an email about the Heartbleed bug, take note! Meanwhile, be more diligent than usual about watching your e-shopping transactions!

Full Details about the Heartbleed bug can be read here: http://heartbleed.com/

Share this post


Link to post
Share on other sites

Your content will need to be approved by a moderator

Guest
You are commenting as a guest. If you have an account, please sign in.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  



About us

CheersandGears.com - Founded 2001

We ♥ Cars

Get in touch

Follow us

Recent tweets

facebook

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.