The Heartbleed bug: how freaked out do I need to be?


I changed gmail, facebook and yahoo passwords this morning. Should I have waited? Should I change them again in the near future?

I used this page as a guide: http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/
Is there a better one?

Oren Zombarchi (WilliamC), Thursday, 10 April 2014 15:55 (eleven years ago)

bookmarked

sleeve, Thursday, 10 April 2014 15:59 (eleven years ago)

just done mine (those 3 plus dropbox). i used this list:

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected

koogs, Thursday, 10 April 2014 16:01 (eleven years ago)

https://www.youtube.com/watch?v=I1sNImbI2Zw

waterbabies (waterface), Thursday, 10 April 2014 16:01 (eleven years ago)

(was surprisingly hard to find the google password change option)

koogs, Thursday, 10 April 2014 16:03 (eleven years ago)

took this as an opportunity to do some bulk password resetting for the first time in a long time.

sitting on a claud all day gotta make your butt numb (forksclovetofu), Thursday, 10 April 2014 16:41 (eleven years ago)

Most of my websites of concern seemed to be OK. Gmail has 2-step verification, so not terribly concerned there.

Josh in Chicago, Thursday, 10 April 2014 16:43 (eleven years ago)

LastPass Heartbleed checker https://lastpass.com/heartbleed
don't forget to check your private trackers

Sébastien, Thursday, 10 April 2014 17:44 (eleven years ago)

thanks, forgot that one

sleeve, Thursday, 10 April 2014 17:45 (eleven years ago)

As long as your password isn't ******** you're fine.

StanM, Thursday, 10 April 2014 18:19 (eleven years ago)

the things people will do to get on 77

smhphony orchestra (crüt), Thursday, 10 April 2014 18:25 (eleven years ago)

https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013

wat is teh waht (s.clover), Thursday, 10 April 2014 18:26 (eleven years ago)

irl assessment by lecturer with PhD in net security topic:

don't worry bout it.

recommend me a new bagman (darraghmac), Thursday, 10 April 2014 18:49 (eleven years ago)

do your worst, bugthingy

images of war violence and historical smoking (Dr Morbius), Thursday, 10 April 2014 18:49 (eleven years ago)

person attacking even a vulnerable site would have to have been live on the same server at the same time as you in order to get any relevant info is his assessment

recommend me a new bagman (darraghmac), Thursday, 10 April 2014 18:49 (eleven years ago)

good to know but that means i freaked out my mom for no reason
please don't tell her

sitting on a claud all day gotta make your butt numb (forksclovetofu), Thursday, 10 April 2014 19:02 (eleven years ago)

person attacking even a vulnerable site would have to have been live on the same server at the same time as you in order to get any relevant info is his assessment

i think this only applies to the session side-jacking attack cuz if the vulnerability happens to reveal the server's private key then any SSL traffic that is sniffed can be decrypted

diamonddave85 (diamonddave85), Thursday, 10 April 2014 19:23 (eleven years ago)

now google.com fails to respond in firefox, 'waiting for www.google.com...' - there's probably a session using the old password kicking around...

koogs, Thursday, 10 April 2014 19:53 (eleven years ago)

http://i.imgur.com/AMQEQik.jpg

smhphony orchestra (crüt), Friday, 11 April 2014 03:56 (eleven years ago)

i can't care enough to read about this

markers, Friday, 11 April 2014 03:56 (eleven years ago)

I don't even own a computer

nitro-burning funny car (Moodles), Friday, 11 April 2014 04:01 (eleven years ago)

What's an internet

, Friday, 11 April 2014 04:07 (eleven years ago)

Whose hands are these?

art, Friday, 11 April 2014 04:11 (eleven years ago)

Whose hands are these?
--art

Wait they're mine. My hands

art, Friday, 11 April 2014 04:11 (eleven years ago)

who are you?

Mayor Manuel (La Lechera), Friday, 11 April 2014 04:14 (eleven years ago)

http://www.quickmeme.com/img/2a/2afdb16b3d5143a9feaad0116b07a778c4e7a6583a44edac128b8421c8603007.jpg

the Bronski Review (Trayce), Friday, 11 April 2014 05:10 (eleven years ago)

really sick of waiting for a response from xvideos, come on guys

Matt Armstrong, Friday, 11 April 2014 05:27 (eleven years ago)

not ashamed to note that the first website i checked was ilxor
i got no answer

sitting on a claud all day gotta make your butt numb (forksclovetofu), Friday, 11 April 2014 05:31 (eleven years ago)

a lot of the sites i never even knew or needed https on to start with. I mean, Soundcloud!?

the Bronski Review (Trayce), Friday, 11 April 2014 05:40 (eleven years ago)

Got an e-mail from a colleague saying "because of security concerns related to the Heartbleed bug, we have changed the password for ********** access. The new password is 'Password1'".

Yuri Bashment (ShariVari), Friday, 11 April 2014 07:43 (eleven years ago)

ahaha

smhphony orchestra (crüt), Friday, 11 April 2014 07:45 (eleven years ago)

capital letter and a digit = good. needs punctuation

Password1!

koogs, Friday, 11 April 2014 08:27 (eleven years ago)

Lol

recommend me a new bagman (darraghmac), Friday, 11 April 2014 08:28 (eleven years ago)

Pinboard @Pinboard Apr 8
Responsible disclosure (n.): coming up with a cool logo, homepage and name for your terrifying bug before panicking the Internet with it

sktsh, Friday, 11 April 2014 11:01 (eleven years ago)

My new password:

http://cdn4.fashionablygeek.com/wp-content/uploads/2014/02/benny-SPACESHIP.jpg

I just have to figure out how to make the Lego guy's head.

Josh in Chicago, Friday, 11 April 2014 12:06 (eleven years ago)

some of my old passwords, help yourself:

8{qx=L6n

-#@Ru:c2

(standard android 'Secrets' app generates passwords that are terrible to type using the android keyboard)

koogs, Friday, 11 April 2014 19:24 (eleven years ago)

Hip Hop & Rappers for Ron Paul shared 11Alive's status update.

11Alive

The National Security Agency not only knew about Heartbleed for at least two years, the agency used it to gather intelligence, according to a report.

puff puff post (uh oh I'm having a fantasy), Friday, 11 April 2014 22:11 (eleven years ago)

Bloomberg News says NSA found it, used it, didn't report it. NSA and White House deny.

dow, Friday, 11 April 2014 22:41 (eleven years ago)

our favorite comic with a pretty good explanation actually http://xkcd.com/1354/

wat is teh waht (s.clover), Saturday, 12 April 2014 02:03 (eleven years ago)

(also yeah, this seems like the sort of thing the nsa would def have found, but one never knows)

wat is teh waht (s.clover), Saturday, 12 April 2014 02:05 (eleven years ago)

NS4 probably doesn't need stuff this basic if they already have back doors into every type of firewall or network card's firmware. But yeah, this denial keeps us all quiet and happy.

StanM, Saturday, 12 April 2014 02:28 (eleven years ago)

Disclaimer: not saying they do have what I just said, only that that would seem like the most obvious way to do what they supposedly do.

StanM, Saturday, 12 April 2014 02:31 (eleven years ago)

CRA says social insurance numbers of about 900 Canadians stolen in Heartbleed breach.
http://business.financialpost.com/2014/04/14/cra-sin-stolen-heartbleed/?__lsa=2c04-fb9f

wonder if other crimes have been reported.

Sébastien, Monday, 14 April 2014 16:19 (eleven years ago)

