Whitwick & District U3A - Computing tip May 2014
The Heartbleed vulnerability has been in the news in recent weeks, with somewhat alarming reports in various parts of the media. It is certainly true that a large number of websites have potentially been at risk, and there have been some reported instances of this vulnerability being used. Unfortunately what is virtually impossible to determine, is whether this problem has been exploited on a large scale.
The main point from a userís perspective is what should you do about it? By now you should expect any of the major sites which had this vulnerability to have fixed it, and if so they will most probably have asked you to change your password. If you rushed to change your password before they contacted you, then you should change it again. Remember that this vulnerability is only relevant where you were using a secure (encrypted) connection i.e. the ones with the padlock symbol and which start with https:// .
If you have not heard anything from a major site, then it is probable they were not vulnerable and there is no immediate need to change your password. Sites of smaller organisations may or may not have suffered a problem and hence may or may not have notified you, but with such widespread publicity there can be few website administrators who have not dealt with the problem, except for small personal sites where the webmaster may not realize it affects them.
It does not affect the use of the WAD U3A site.
A more general point is not to use the same password across many sites, especially those that you use for financial transactions (banking, buying etc.) or where significant personal information is involved. It is also good idea to change your passwords from time to time. These suggestions are of course a pain to put into practice, which is why they are so often ignored.
|Previous XP support ends||
Back to Information
Next Win 8 & 8.1 updates