Sign in to follow this  
secone

Heartbleed Threat?

Recommended Posts

I have been running Online Armor and Emsisoft Anti-Malware for a couple of years now....none better in my opinion. Am I protected from this new Heartbleed bug that I am seeing so much about? Thanks...Emsisoft rocks!

Share this post


Link to post
Share on other sites

Unfortunately not, because this bug is not located on your computer, but rather within the traffic that goes from your computer to various remote servers which use OpenSSL. Normally, when you use OpenSSL to secure data, for example to send a password (say, to log in to your gmail account), your log in data will be encrypted, it will be a garbled block of data that only the receiving server (in our example Google mail) can decrypt after which it verifies the credentials and either lets you log in or tells you you entered the wrong data.

 

In case of HeartBlead the problem is with the "garbled data" part, which in the end isn't as garbled as it should be (this is really simplifying it :)) so anyone who intercepts the traffic sent towards Google Mail in our example can see your username and password (and eventually use this data to hack your mail account). No firewall can protect you against this, the connection you used was supposed to be safe, except... it wan't because there was a bug.

 

What you can do to verify if you've been a (potential) victim of HeartBlead is verify sites to which you send sensitive data (email, online banking and such). You can do that for example here: http://filippo.io/Heartbleed/

 

Be aware though, a site can be "fixed" but still have been exposed in the past. Changing passwords isn't much work and its better to be safe than sorry. :)

Share this post


Link to post
Share on other sites
Heartbleed test - Which services are or have been exposed: (10 000 sites)

https://github.com/musalbas/heartbleed-masstest/blob/master/top10000.txt

 

 

Change passwords for sites such as:

 

- Facebook,

- Twitter,

- Yahoo,

- Tumblr,

- Google,

 

They're safe because they loaded a patch, but always worth it to change your password. ;)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.