• Heartbleed bug causes confusion
    1 replies, posted
[url]http://www.bbc.co.uk/news/technology-26971363#sa-ns_mchannel=rss&ns_source=PublicRSS20-sa[/url]
OK here's the lowdown: 1. Google say no need to change Google services accounts Technically this is true - Google and select partners were informed and patched their servers ahead of the public announcement. Facebook was included in this early heads-up too - but Yahoo was not. Hence: 2. Yahoo say change everything It's probably best to do so anyway, there's no harm in it. It is true that changing your password on a vulnerable server is ineffective though - in fact, it carries an increased risk as it's recent memory that's most vulnerable - accessing a compromised server therefore puts your details into recent memory and at risk. This leads into: 3. It's not obvious when a server has been patched Mashable have another table of most large US websites and their status here: [url]http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/[/url] Beyond that, you can check any website here: [url]http://filippo.io/Heartbleed/[/url] (note the legality of using this on any server you don't own is questionable, but imho I don't think anyone's going to get in trouble from it) and then change your password when the site is verified safe.
Sorry, you need to Log In to post a reply to this thread.