On 10 April 2014 14:57, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote: > Allegedly, on or about 10 April 2014, Patrick O'Callaghan sent: >> Did you also change your passwords on every vulnerable site which has >> since been fixed? > > That will be a major pain. The one address offered to check whether a > service was patched was overloaded when I tried it, and probably always > will be. So you go around changing all passwords, to be safe. And will > have to continue doing that until you're sure that it's safe (which is > never, really). > See http://www.theatlantic.com/technology/archive/2014/04/how-to-check-if-a-site-is-safe-from-heartbleed/360417/ for a couple of sites that can be used to test, there are probably others. > I wonder what the outcome will be if your bank account gets ripped off > due to this, for example. Can you hold the bank liable, or are they > going to say it's your problem? My simple look at the information > provided looks like it's a server and client problem. > Interestingly as the result of one of those test suites I know know that although one of the banks I use doesn't currently have the heartbleed bug they do have a different problematic vulnerability, and will shortly be getting an email about it. -- imalone http://ibmalone.blogspot.co.uk -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
