calliopes_pen: (sallymn disaster of the day Hammond)
calliopes_pen ([personal profile] calliopes_pen) wrote2014-04-09 10:31 am
  • Add Memory
  • Share This Entry
Entry tags:

Warning: Heartbleed In OpenSSL--Don't Panic

The Heartbleed security vulnerability seems to be affecting a large portion of sites that use OpenSSL on their platform. If you haven’t already heard of it, here are a few links that explain what Heartbleed is, and how it could expose passwords and other sensitive data, such as credit card information.

Github has a list (last updated 2 hours ago, as I post this) to determine whether or not a particular website is vulnerable to Heartbleed. Dreamwidth has determined that they seem to be okay, and has a good explanation as to what could happen where they’re involved in this [site community profile] dw_maintenance post. I haven’t seen a statement from Livejournal as of yet.

A few tools were posted in this comment that help to determine a site’s vulnerability on an individual basis. If it isn’t vulnerable, feel free to change the passwords if you feel that you need to. If a site I were registered with happened to be affected, the best advice I’ve seen (and that I agree with) is to wait until it is no longer vulnerable.
Flat | Top-Level Comments Only
dhampyresa: (Default)

[personal profile] dhampyresa 2014-04-09 11:42 pm (UTC)(link)
Thanks for the Github link!
lynndyre: Sarah Jerand smiling (sarah)

[personal profile] lynndyre 2014-04-10 08:44 pm (UTC)(link)
Thank you for these links! I'd seen some, but not all.

[identity profile] frenchroast.livejournal.com 2014-04-09 06:43 pm (UTC)(link)
Thanks for this--I had a friend giving out bad advice to go ahead and change all passwords NOW on FB, and you posted this with perfect timing for me to refute him.

[identity profile] stormkpr.livejournal.com 2014-04-10 04:57 pm (UTC)(link)
Thanks! The Heartbleed thing is scary.
Flat | Top-Level Comments Only