Heartbleed Bug

thedoc46 · 9 Apr 2014 at 21:56

Apologies if this is already being discussed but i didn't see it on the first page of GD.

Anyway, so cutting a long story short, hackers pretty much have EVERYTHING.

http://heartbleed.com/

Any Credit Cards we've ever used, any p/w for any forum, e-commerce sites, fleabay, amazon, paypal..... well to round it up, the entire internet which relied on SSL, has been compromised.

Is it even worth changing all your passwords, I mean, they're probably already working on a new hack, that won't be discovered for another couple of yrs..

I've just had all my credit cards replaced after using them in Target (USA) over xmas. Which was hacked over that period.

Does it worry you ?

thedoc46 · 9 Apr 2014 at 22:11

ubern00b said:
Bit of a scaremongering post isn't it? Your statement is not true in the slightest. Only a specific version (yes, it is widely used and it is a big issue but they don't have "everything") of OpenSSL has the vulnerability and all the big players have already patched.

The problem does come from forums and websites etc that never bother patching or keeping up with security updates but those sorts of sites probably have many other vulnerabilities anyway.

I would check in to your important sites and see if there are any alerts to them having patched and what steps to take to ensure you are safe. You don't use the same password on all sites anyway, do you?

2 thirds of all websites.

http://online.wsj.com/news/articles/SB10001424052702304819004579489813056799076

thedoc46 · 9 Apr 2014 at 22:17

Russinating said:
No, not yet. No reported details being released/sold by hacking groups anyway.

Soon they'll be setting up sites selling off the u/n's and p/w's like they're currently doing with the Target breach.

Heartbleed Bug

thedoc46

thedoc46

thedoc46

thedoc46

thedoc46

thedoc46