Jump to content
Sign in to follow this  


Recommended Posts

G. David Felt

Alternative Fuels & Propulsion writer



In the news of the last 48hrs has been the story about the large hole in SSL or what is known as Secure Socket Layer.

I don’t usually talk about network security around here, but this vulnerability almost certainly affects you.

Whenever you buy anything online, most often, that transaction is encrypted using Secure Socket Layer (SSL). If you’re on a site such as Amazon, then you go to the shopping cart or checkout, at the top of the URL you’ll see http:// change to https://. That is generally an indicator that SSL encryption is protecting your credit card data.

Turns out there has been a massive hole in a specific implementation of SSL. On some sites, all your “encrypted private data” has been clear and open for attackers to see.

If you don’t want your identity hijacked, and ESPECIALLY if you have credit card data on these sites, you should change your password TODAY on Facebook, Twitter, and with Apple (e.g, iTunes). I happen to have a GoDaddy domain, so I need to change my password with GoDaddy, too. If you have a TurboTax or Dropbox password, those should be changed, too.

For a list of major vendors who have been vulnerable AND have installed the fix, see:


Because SSL is so foundational to e-commerce sites, some vulnerable sites need time in order to install the fix. That means if you change your password to fool attackers on a site that has not yet installed the fix, you’re just giving the attackers your new passwords. If a site where you have an account sends you an email about the Heartbleed bug, take note! Meanwhile, be more diligent than usual about watching your e-shopping transactions!

Full Details about the Heartbleed bug can be read here: http://heartbleed.com/

Share this post

Link to post
Share on other sites

Your content will need to be approved by a moderator

You are commenting as a guest. If you have an account, please sign in.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Who's Online   0 Members, 0 Anonymous, 161 Guests (See full list)

    There are no registered users currently online

About us

CheersandGears.com - Founded 2001

We ♥ Cars

Get in touch

Follow us

Recent tweets