Saturday, April 12, 2014

Heatbleed vulnerability news


Warning to all users of all computer systems. The vulnerability called Heartbleed means you should reset your passwords on secure web sites that you visit. This does not mean you need to change the password on your computer; we are talking web sites here. You may want to check and see if the site has been fixed before changing your password. Keep in mind that Apple sites are not effected by this vulnerability. This means that your iCloud, iTunes, and Apple Apps store accounts are all good.

The following information is from the lowendmac.com. You may want to check there for updates on sites.

Go to this web site  http://filippo.io/Heartbleed/ to check the domain to see if it has been fixed. LastPass has developed its own site checker at https://lastpass.com/heartbleed/ and seems to have more helpful notes.

Sites that were never in danger
  • 1040.com
  • 1password.com
  • about.com
  • amazon.com
  • aol.com
  • apple.com
  • ask.com
  • avg.com
  • bankofamerica.com
  • barclays.com
  • bing.com
  • capitalone.com
  • chase.com
  • citigroup.com
  • cnn.com
  • comcast.net
  • etrade.com
  • ebay.com and other eBay sites
  • evernote.com
  • fidelity.com
  • fileyourtaxes.com
  • groupon.com
  • healthcare.gov
  • hotmail.com
  • hrblock.com
  • hulu.com
  • intuit.com (TurboTax)
  • irs.gov
  • linkedin.com
  • microsoft.com
  • msn.com
  • outlook.com
  • paypal.com
  • pnc.com
  • schwab.com
  • scottrade.com
  • skype.com
  • target.com
  • taxact.com
  • tdameritrade.com
  • tdbank.com
  • troweprice.com
  • twitter.com
  • usbank.com
  • vanguard.com
  • vimeo.com
  • walmart.com
  • weather.com
  • wellsfargo.com
  • wordpress.com
Safe Now – Change Your Password
  • Amazon Web Services
  • box.com
  • dashlane.com
  • dropbox.com
  • etsy.com
  • facebook.com
  • flikr.com
  • github.com
  • gmail.com
  • godaddy.com
  • google.com and other Google search websites
  • ifttt.com
  • imgur.com
  • instagram.com
  • lastpass.com
  • mail.yahoo.com
  • minecraft.com
  • netflix.com
  • pinterest.com
  • tumblr.com
  • usaa.com
  • yahoo.com
  • youtube.com

Me again, I felt lowendmac and lastpass did a really good job of of informing us of this, so please give them the credit for where and what is broken, OK, and fixed.

If you are not using something like lastpass or 1Password, be sure your password is at least 8 characters long with at least 1 capital letter and 1 number. Be sure you write it down in such a way that you will remember it. For example you might underline any capital letter so that you remember it's not lower case. The longer your password, the harder it is for hackers to guess it. So go do that now! Be sure and note down the new passwords and login in for each site you change.