Web security advisory

news about changes and fixes to the board, and a place to post any technical queries.

Moderator: staff

Post Reply
User avatar
kiwi33
board admin
board admin
Posts: 9290
Joined: Thu Jan 24, 2008 5:51 am

Web security advisory

Post by kiwi33 » Thu Apr 10, 2014 11:36 am

Some members may have noticed articles about the "Heartbleed" Web security flaw. There is a fairly technical account of it here: http://www.smh.com.au/it-pro/security-i ... zqsif.html .

Essentially what it means is that there was a flaw in a commonly-used protocol (it is, in effect, a version of the "https" = the "padlock" icon) which people use to send private information (passwords, private e-mails, credit card details, etc) to Web sites - hackers could exploit this flaw to get access to your private information.

What should you do about this?

(1) Be alert but not alarmed.

(2) There is a (long) list of sites which have been checked for "Heartbleed" here: https://github.com/musalbas/heartbleed- ... op1000.txt. If a site that you use is listed as vulnerable it would be sensible to avoid it until the issue is fixed.

(3) If you use Internet banking, contact your bank and check that the flaw (if applicable) has been fixed. My bank sent out an automatic e-mail confirming that their site is not vulnerable to Heartbleed.

Edited to update:

(4) This is the most recent list of vulnerabilities of popular sites that I can find: http://mashable.com/2014/04/09/heartble ... cid=146326 .

In most cases they are secure but for some changing your password is a good plan (better safe than sorry).
Alone we are born
And die alone
Yet see the red-gold cirrus
Over snow-mountain shine.


From High Country Weather, James K Baxter

You walk with an intelligence
That informs a clear bright eye
There are unexpected revelations
In the company of ravens.


From In The Company Of Ravens, Maddy Prior

Jamas
spiffy maximus
spiffy maximus
Posts: 4451
Joined: Mon Feb 26, 2007 4:08 pm

Re: Web security advisory

Post by Jamas » Sat Jul 26, 2014 7:56 pm

Thank you, Kiwi! :geek:

Post Reply

Who is online

Users browsing this forum: No registered users and 60 guests