Worried about Heartbleed?
Worried about Heartbleed?
Buying knives (not to mention other business transactions) on the Net has become more than worrisome with the announcement of the Heartbleed vulnerability.
Using a Heartbleed checker, I have found that Cutlery Shoppe and Knifeworks are not and have not been vulnerable to Heartbleed. Among other knife dealers I've bought knives from, Howes Knife Shop, New Graham Knives, Grand Prairie Knives and Blade HQ are possibly vulnerable...
Care to add what seems safe and unsafe?
Using a Heartbleed checker, I have found that Cutlery Shoppe and Knifeworks are not and have not been vulnerable to Heartbleed. Among other knife dealers I've bought knives from, Howes Knife Shop, New Graham Knives, Grand Prairie Knives and Blade HQ are possibly vulnerable...
Care to add what seems safe and unsafe?
-Marc (pocketing an S110V Native5 today)
“When science changes its opinion, it didn’t lie to you. It learned more.”
“When science changes its opinion, it didn’t lie to you. It learned more.”
- phillipsted
- Member
- Posts: 3674
- Joined: Tue Oct 05, 2010 11:30 am
- Location: North Virginia
THE LIST - as of noon 11 APR:
Change these passwords now (they were patched)
Google, YouTube and Gmail
Facebook
Yahoo, Yahoo Mail, Tumblr, Flickr
OKCupid
Wikipedia
Don't worry about these (they don't use the affected software, or ran a different version)
Amazon
AOL and Mapquest
Bank of America
Capital One bank
Charles Schwab
Chase bank
Citibank
E*Trade
Fidelity
HSBC bank
LinkedIn
Microsoft, Hotmail and Outlook
PayPal
PNC bank
Scottrade
TD Ameritrade
Twitter
U.S. Bank
Vanguard
Wells Fargo
Don't change these passwords yet (still unclear, no response)
American Express
Apple, iCloud and iTunes
Healthcare.gov
Change these passwords now (they were patched)
Google, YouTube and Gmail
Yahoo, Yahoo Mail, Tumblr, Flickr
OKCupid
Wikipedia
Don't worry about these (they don't use the affected software, or ran a different version)
Amazon
AOL and Mapquest
Bank of America
Capital One bank
Charles Schwab
Chase bank
Citibank
E*Trade
Fidelity
HSBC bank
Microsoft, Hotmail and Outlook
PayPal
PNC bank
Scottrade
TD Ameritrade
U.S. Bank
Vanguard
Wells Fargo
Don't change these passwords yet (still unclear, no response)
American Express
Apple, iCloud and iTunes
Healthcare.gov
- Strong-Dog
- Member
- Posts: 703
- Joined: Sat Dec 14, 2013 7:49 pm
- Contact:
Dead Serious!
^^^ Here:
http://heartbleed.com/
A lot of experts had said this would be in a scale from 0 to 10, a solid +11 vulnerability. :eek:
http://heartbleed.com/
A lot of experts had said this would be in a scale from 0 to 10, a solid +11 vulnerability. :eek:
Stay Sharp!
- Strong-Dog
- Member
- Posts: 703
- Joined: Sat Dec 14, 2013 7:49 pm
- Contact:
Thanks, changed all of my google related passwords. I'm assuming eBay is ok, since Paypal is? I would also like to know which dealers are affected, as I just ordered from Howes, GPKnives, and maybe some others I can't think ofLC Kid wrote:^^^ Here:
http://heartbleed.com/
A lot of experts had said this would be in a scale from 0 to 10, a solid +11 vulnerability. :eek:
"For a second, I thought I was dead, but when I heard all the noise I knew they were cops. Only cops talk that way. If they had been wiseguys, I wouldn't have heard a thing. I would've been dead."
-Henry Hill
-Henry Hill
Check wrdwrght's initial postStrong-Dog wrote:Thanks, changed all of my google related passwords. I'm assuming eBay is ok, since Paypal is? I would also like to know which dealers are affected, as I just ordered from Howes, GPKnives, and maybe some others I can't think of
What is truth? Pontius Pilate
- Strong-Dog
- Member
- Posts: 703
- Joined: Sat Dec 14, 2013 7:49 pm
- Contact:
I know he said they're possible vulnerable, I was wondering if anyone knows for surepaladin wrote:Check wrdwrght's initial post
"For a second, I thought I was dead, but when I heard all the noise I knew they were cops. Only cops talk that way. If they had been wiseguys, I wouldn't have heard a thing. I would've been dead."
-Henry Hill
-Henry Hill
That's definitely a good point. There's rumblings that the federal government may have known of the exploit and kept it quiet so they could continue to have far-reaching access to important information. I'm not sure if that's true or not. But once this exploit hit the web, I'm sure every hacker saw an opportunity to test the waters.JNewell wrote:The issue is not who's vulnerable today - this vulnerability has existed for something like a year or two. So I would think that most of the damage has already been done...?
I'm a firm believer in LastPass and went through all of my financial-related websites and changed my passwords. Caution is better than negligence.
A good rule of thumb, regardless of vulnerability, is to change the passwords to your important accounts on a regular basis and NEVER use the same password for all of your accounts. Have separate passwords for email, banking, online retailers, social websites, etc. That way if someone manages to grab, for example, your Facebook password then they also won't have immediate access to your banking info.
Jason
I hear you, Ken, but I'm not so sure we wouldn't screw ourselves over as some other kind of civilization...kbuzbee wrote:The more I learn, the more I HATE computer based civilization.
Looking for some comfort in the Heartbleed wilderness? How about this one.
-Marc (pocketing an S110V Native5 today)
“When science changes its opinion, it didn’t lie to you. It learned more.”
“When science changes its opinion, it didn’t lie to you. It learned more.”
Looked it over. Discovered that I'm not smart enough to use LastPass It says there is some kind of plugin needed but not where that plugin might be found. I guess it's a secretD1omedes wrote: I'm a firm believer in LastPass and went through all of my financial-related websites and changed my passwords. Caution is better than negligence.
No doubt about that.wrdwrght wrote:I hear you, Ken, but I'm not so sure we wouldn't screw ourselves over as some other kind of civilization...
Good to know but there's always the next disaster if this one doesn't get you.wrdwrght wrote:Looking for some comfort in the Heartbleed wilderness? How about this one.
Ken
玉鋼
- The Deacon
- Member
- Posts: 25717
- Joined: Fri Sep 24, 2004 10:33 am
- Location: Upstate SC, USA
- Contact:
True Ken, and even if you don't own a computer they can still get you. The Experian data breach has potentially exposed pretty much everyone in the USA who has, or has ever had, credit of any kind in their own name, some TWO HUNDRED MILLION people in all, to identity theft.kbuzbee wrote:The more I learn, the more I HATE computer based civilization.
(Thanks for the heads up, fellas!)
Ken
Paul
My Personal Website ---- Beginners Guide to Spyderco Collecting ---- Spydiewiki
Deplorable :p
WTC # 1458 - 1504 - 1508 - Never Forget, Never Forgive!
My Personal Website ---- Beginners Guide to Spyderco Collecting ---- Spydiewiki
Deplorable :p
WTC # 1458 - 1504 - 1508 - Never Forget, Never Forgive!
One thing that I read this week that interested me was that medical data is much more valuable than financial data. It can be used to generate false insurance claims and false prescriptions. I assume that the processes in place to monitor fraud in these areas must be less sophisticated than those run by banks and some other financial institutions.
I think your assumption is correct. The prospect is certainly scary.JNewell wrote:One thing that I read this week that interested me was that medical data is much more valuable than financial data. It can be used to generate false insurance claims and false prescriptions. I assume that the processes in place to monitor fraud in these areas must be less sophisticated than those run by banks and some other financial institutions.
-Marc (pocketing an S110V Native5 today)
“When science changes its opinion, it didn’t lie to you. It learned more.”
“When science changes its opinion, it didn’t lie to you. It learned more.”
- Pinetreebbs
- Member
- Posts: 1833
- Joined: Sat Jun 26, 2010 6:55 am
- Location: SC
Ken, the 'plugin' is an application that works inside of your browser, more like an added feature than an application. If you visit this link, it should recognize your particular browser and display the plugin for your browser. They also have applications for Android and Apple smartphones and tablets.kbuzbee wrote:Looked it over. Discovered that I'm not smart enough to use LastPass It says there is some kind of plugin needed but not where that plugin might be found. I guess it's a secret ...
I am a long time LP user. It took a little time to get used to not minding PWs, but I can't imagine not using LP to generate strong passwords and remember them for me.
Have you joined Knife Rights yet?
Go to: http://www.KnifeRights.org
Protecting your Right to own and carry the knives YOU choose.
Go to: http://www.KnifeRights.org
Protecting your Right to own and carry the knives YOU choose.