Thread: Heartbleed

What the "Heartbleed" Security Bug Means For You

Check your favorite websites and see if they are vulnerable to this dangerous bug:

Here's a tool to test:

https://lastpass.com/heartbleed/

If you have credentials stored in a vulnerable site, you can change your password now, but you'll have to change it again when they fix the vulnerability.

Stay Safe.

ps- somebody let Lynn and SRP Vendors know ASAP

That vulnerability was announced 2 days ago and none of the SRP advertisers is currently vulnerable, as far as I know.

However, it's a very serious issue and if it was exploited on vast scale over the last two years, the damage is already done and people's sensitive data have been already stealthily stolen through the blue chip corporations.
I can't imagine that somebody with the knowledge would've gone after a small time shaving vendor when they have plenty of vulnerable targets on the fortune 500 list.

gugi,

Thanks for being on top of it.

Originally Posted by Siguy

gugi,

Thanks for being on top of it.

See this place gets better all the time,
and Thank you for pointing out the vulnerability!

Pat,

Wasn't me. Ivan already knew. I posted it so the general SRP public could take interest and action if it affected anyone. Ivan gets all the credit on this one.

There's a simply testing tool out there for the public to use if they want to check whether their favorite website is vulnerable or has been fixed yet.

http://filippo.io/Heartbleed/

Kind Regards,

Simon

Originally Posted by Siguy

Pat,

Wasn't me. Ivan already knew. I posted it so the general SRP public could take interest and action if it affected anyone. Ivan gets all the credit on this one.

Kind Regards,

Simon

And then a thanks to Ivan as well.

It is becoming more and more important as commerce and the likes move this way.
I double checked our website at work and the corresponding company that handles our transactions.
We are a small enough company that many of us wear several hats.

Kind of sad but makes me proud that here is where I heard about it.

Thank you again gentlemen, all of you.

Well, I'd admit this is more of a side effect from my former uber-geekery when I was the sole admin managing the computer infrastructure for one of the largest departments. These days I only manage a couple of servers including the one for SRP, basically as a favor, so I still keep an eye on what's going on out there, but mostly just the very important stuff like this vulnerability. I'm definitely not on top of the latest issues with the linux-kernel and the stock binaries tend to be good enough for me

Amen, brother.

The K.I.S.S "The Keep It Simple Stupid" approach to many things in life is becoming more greatly appreciated as I get older.

Originally Posted by Siguy

Amen, brother.

The K.I.S.S "The Keep It Simple Stupid" approach to many things in life is becoming more greatly appreciated as I get older.

That and "love is grand, Divorce is at least twenty" best lessons my daddy taught me.

Originally Posted by gugi

Well, I'd admit this is more of a side effect from my former uber-geekery when I was the sole admin managing the computer infrastructure for one of the largest departments. These days I only manage a couple of servers including the one for SRP, basically as a favor, so I still keep an eye on what's going on out there, but mostly just the very important stuff like this vulnerability. I'm definitely not on top of the latest issues with the linux-kernel and the stock binaries tend to be good enough for me

And you called me a geek 'cause I can quote from Conan the Barbarian.