‘Heartbleed bug’ threatens web traffic

[QDP2012]

"A flaw has been discovered in an encryption method used on about two-thirds of all websites, including Google, Amazon, Yahoo and Facebook, potentially exposing web traffic, user data and stored content to cyber criminals.

The “heartbleed bug” was found in the OpenSSL software by a team of security engineers last week, leaving technology companies scrambling to fix their systems before it was announced on Monday night. " -- Financial Times (FT.com)

‘Heartbleed bug’ threatens web traffic -- Financial Times (FT.com)

 

[CapStar362]

another source please.... one that DOESN'T require signing up just to read a public article prefered

 

[QDP2012]

another source please.... one that DOESN'T require signing up just to read a public article prefered

FT did not require signing-up when I initially read the article. I guess they got overwhelmed with the link from DrudgeReport.com, and walled-off the article.

After a quick internet-search, here are some related articles:

• Here's How To Protect Yourself From The Massive Security Flaw That's Taken Over The Internet
• Heart Bleed Bug Could Compromise Large Part of the Internet
• 'Heartbleed' bug undoes Web encryption, reveals Yahoo passwords
  
• Critical Security Bug 'Heartbleed' Hits Up To 66 Percent Of The Internet
• Major security alert over ‘heartbleed’ eavesdropping bug that could have infected TWO THIRDS of sites
• Online security flaw exposes millions of passwords

Hope this helps,

 

[svfd17]

P25.ca is affected as well.

Sent from a rotary phone

 

[com501]

P25.ca is affected as well.

Sent from a rotary phone

Fixed overnight.

 

[QDP2012]

Another related article, if interested:

DailyMail: Will changing your password REALLY protect you from Heartbleed? Tech giants under pressure to advise and reassure users in wake of bug

 

[Dude111]

Fixed overnight.

They didnt configure thier SSL cert right! (Some older browsers/some devices cant get to thier site anymore Im reading)

 

[com501]

SSL cert will take a few days. My web host told me that they have requests backed up. Not surprising.

I wonder how much this affects NSA spying and if they have a work around in place yet?

I for sure changed all my passwords, and will do so AGAIN in 30 days and probably again change user names AND passwords again around June.

 

[bravo14]

Update on a arrest

I saw this on a local news

Hacker charged in CRA Heartbleed breach ‘straight-A’ engineering student | Globalnews.ca

Canadians arrest a Heartbleed hacker | Money - Home

London, Ont., man, 19, charged in Canada Revenue Agency Heartbleed hack | Canada | News | Toronto Sun

 

[KB7MIB]

Wirelessly posted (Opera/9.80 (BREW; Opera Mini/6.0.3/27.2354; U; en) Presto/2.8.119 320X240 LG VN530)

I also caught something a week or two ago about the NSA having known about this for years, and instead of warning folks about it, exploited it for their own purposes.
I have no idea if this is true or not. And I don't have a link to the story, I only read the headline.

 

[com501]

They did, and they did.