Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Critical Security Bug 'Heartbleed' Hits Up To 66 Percent Of The Internet
http://www.huffingtonpost.com/2014/04/08/heartbleed-66-percent_n_5112793.html?utm_hp_ref=technology
So what can users do? Matthew Prince, CEO of content delivery network Cloudflare, one of the first businesses to be notified of the bug, told The Huffington Post that sadly, there's not much normal netizens can do to protect themselves. "When you finish using a website, make sure to actively log out," Prince advised -- that makes it less likely that a hacker exploiting Heartbleed will be able to take your personal information.
Prince also put in a word of comfort: "Heartbleed is so serious -- it's such a big, bad event -- that almost every major service is scrambling to clean it up as quickly as possible." He estimated that most currently vulnerable websites will be "patched" by the end of the week.
Though a number of major websites have already been patched, others, including OKCupid, Flickr, Imagur and Yahoo.com, reportedly remain vulnerable to Heartbleed.
Users can test if their favorite websites are vulnerable here, though this service is reportedly not 100 percent reliable. Vulnerable sites should not be logged into until they're patched -- check those sites' blogs or Twitter feeds for updates -- and once a website has its patch in place, you should change your password for that site as soon as possible.
Prince also put in a word of comfort: "Heartbleed is so serious -- it's such a big, bad event -- that almost every major service is scrambling to clean it up as quickly as possible." He estimated that most currently vulnerable websites will be "patched" by the end of the week.
Though a number of major websites have already been patched, others, including OKCupid, Flickr, Imagur and Yahoo.com, reportedly remain vulnerable to Heartbleed.
Users can test if their favorite websites are vulnerable here, though this service is reportedly not 100 percent reliable. Vulnerable sites should not be logged into until they're patched -- check those sites' blogs or Twitter feeds for updates -- and once a website has its patch in place, you should change your password for that site as soon as possible.
7 replies
= new reply since forum marked as read
= new reply since forum marked as read
The difference between an encrypted web connection and a non-encrypted, can be seen in the beginning of the URL; "http" for non, "https" for encrypted.
If security in that regard is a concern to you; like, you're constantly logging in and out of DU and as such sending your password back and forth- you might want to consider using a diff. password for DU than the one you use, for instance, at the bank.
Edited to add: Also probably moot if your DU username isn't related to your bank username, etc.
