1. Patients launch $1.27 million crowdfunding campaign for ME/CFS gut microbiome study.
    Check out the website, Facebook and Twitter. Join in donate and spread the word!
The ePatient Revolution
Ryan Prior shares his experience and his thoughts from attending the Stanford Medicine X Conference as he contemplates the rising of the ePatient Revolution ...
Discuss the article on the Forums.

Warning! The BBC have just announced that all security sites on the web are compromised

Discussion in 'General ME/CFS Discussion' started by Countrygirl, Apr 9, 2014.

  1. Countrygirl

    Countrygirl Senior Member

    Messages:
    858
    Likes:
    703
    UK
    I have just heard on the BBC 24-hour news that a 'catastrophic' flaw has been discovered that makes all our passwords available to hackers, especially. sites with the padlocked symbol. Patches are going to be applied and then we will need to change our passwords. Meanwhile, all padlocked sites are at risk,so be very cautious. \even if you change your password now that too will be vulnerable.

    I hope none of us is a victim. Watch your financial accounts carefully..


    C.G.
     
    Last edited: Apr 10, 2014
    WillowJ, barbc56 and tdog333 like this.
  2. tdog333

    tdog333 Senior Member

    Messages:
    113
    Likes:
    64
    WillowJ and barbc56 like this.
  3. Sean

    Sean Senior Member

    Messages:
    1,307
    Likes:
    2,338
    1. Don't panic. Yes, it is a major security flaw. But there is very little you, the average user, can do about it (directly).

    2. However, you can check if a secure connection (https, the one with the little padlock symbol) is compromised. To check the secure connection for a site, go to Heartbleed or SSL-Test and enter the url address of the site you wish to check. It will tell you if it has been secured.

    Please note that this only tests secure connections (https type), not standard unsecured connections (http). Not all sites use a secure connection.

    There are also different types of secure connection, this problem is only with https, also known as SSL or TLS.

    3. There is no point in changing your passwords on any site until that site's servers have been secured against this problem. It is happening rapidly worldwide as we speak, and most sites have probably already been secured, especially critical sites like banks, government departments, major businesses, etc. I will bet virtually 100% of them were done within a day or so.
     
  4. Countrygirl

    Countrygirl Senior Member

    Messages:
    858
    Likes:
    703
    UK
    The source was my TV, tdog, that was blaring out the news alongside my bed :bang-head:during the night.

    Thank you Sean for giving us the details which were not stated by the news reader.

    C,G.
     
  5. Ruthie24

    Ruthie24 Senior Member

    Messages:
    155
    Likes:
    282
    New Mexico, USA
    Actually, I have it on good authority that many sites still aren't patched. We just checked Amazon a bit ago and it still isn't. Don't change passwords now. Wait until sites are patched.
     
    Sean and Countrygirl like this.
  6. Ambrosia_angel

    Ambrosia_angel Senior Member

    Messages:
    440
    Likes:
    234
    England
    We've always been vulnerable to hackers. The only way to ever prevent it is to not use the internet. Scaremongering to be honest. I wonder how many months they kept this supposed new information.
     
    taniaaust1 likes this.
  7. Sean

    Sean Senior Member

    Messages:
    1,307
    Likes:
    2,338
    Not sure when it was first spotted, but it has been on the loose for about 2 years.
     
    Ambrosia_angel likes this.
  8. Ambrosia_angel

    Ambrosia_angel Senior Member

    Messages:
    440
    Likes:
    234
    England
    I think everybody needs to know that the internet is never private or safe. If the government can access everything why can't joe bloggs? A lot of these hackers have government given knowledge or have worked with people high in the telecommunications industries to learn how to hack.
     
    taniaaust1 likes this.
  9. Sean

    Sean Senior Member

    Messages:
    1,307
    Likes:
    2,338
    Indeed. There are only degrees of relative privacy and safety online.

    I am not too concerned about this latest security problem, mainly because it was out in the wild for so long, but we have not seen any consequences. If it had already been exploited on any significant scale we would almost certainly have already seen the consequences. But so far, nothing, that I know of.

    Given there is no serious exploitation of it, then it is probably a good thing it happened, wake people up a bit.
     
    Ambrosia_angel, searcher and SOC like this.
  10. Ruthie24

    Ruthie24 Senior Member

    Messages:
    155
    Likes:
    282
    New Mexico, USA
    Yet
     
  11. TigerLilea

    TigerLilea Senior Member

    Messages:
    150
    Likes:
    184
    Vancouver, British Columbia
    The "Heartbleed" bug has been around for two years now. They have only just recently detected it.
     
  12. Sean

    Sean Senior Member

    Messages:
    1,307
    Likes:
    2,338

See more popular forum discussions.

Share This Page