User Tag List

Thanks useful information Thanks useful information:  28
Results 1 to 10 of 10

Thread: OpenSSL : heartbleed Bug : Password resets

  1. #1
    Administrator ricktas's Avatar
    Join Date
    24 Jun 2007
    Location
    Hobart
    Posts
    15,366
    Mentioned
    9 Post(s)
    Tagged
    1 Thread(s)

    OpenSSL : heartbleed Bug : Password resets

    Some of you may have heard, since yesterday, an announcement about a compromise of OpenSSL, that has allowed it to be vulnerable for around the last 2 years, to hacking.

    Over the coming days, it is likely you will be contacted and asked to change your internet passwords, for your banking sites, online emails (gmail, hotmail, etc) and likely many other passwords as well.

    For re-assurance, Ausphotography does not use OpenSSL on our server, thus we are not affected by this bug.

    More information here:

    http://www.bbc.com/news/technology-26954540

    http://www.businessinsider.com.au/he...plainer-2014-4

    http://heartbleed.com/
    "It is one thing to make a picture of what a person looks like, it is another thing to make a portrait of who they are" - Paul Caponigro

    Constructive Critique of my photographs is always appreciated
    Nikon, etc!

    RICK
    My Photography

  2. #2
    Ausphotography Regular
    Join Date
    01 Dec 2011
    Location
    Brisbane
    Posts
    1,723
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the update and general educational insight into on-line vulnerability.

    Cheers

    Dennis

  3. #3
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,640
    Mentioned
    16 Post(s)
    Tagged
    0 Thread(s)
    Further information:

    We would have used OpenSSL if we used encrypted connections.
    We don't encrypt the site because we don't need to.

    The shop uses Paypal, which is encrypted, but managed by Paypal.
    regards, Kym Gallery Honest & Direct Constructive Critique Appreciated! ©
    Digital & film, Bits of glass covering 10mm to 500mm, and other stuff



  4. #4
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,640
    Mentioned
    16 Post(s)
    Tagged
    0 Thread(s)

  5. #5
    Member michaellxv's Avatar
    Join Date
    25 Jan 2013
    Location
    Seacombe Gardens
    Posts
    246
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ricktas View Post
    Over the coming days, it is likely you will be contacted and asked to change your internet passwords, for your banking sites, online emails (gmail, hotmail, etc) and likely many other passwords as well.
    Just got my first email since this bug went public from a site requesting me to verify my details etc.
    Problem is that it is rather well constructed but does not look entirely legit. Be warned yet agin, don't click on the email links and type a known address into your browser or use your saves links.

  6. #6
    Ausphotography irregular Mark L's Avatar
    Join Date
    21 Nov 2010
    Location
    magical Mudgee
    Posts
    17,528
    Mentioned
    26 Post(s)
    Tagged
    0 Thread(s)
    You can check any site you're worried about here ...... http://filippo.io/Heartbleed/
    Says Paypal is not affected.

  7. #7
    Moderately Underexposed I @ M's Avatar
    Join Date
    04 May 2007
    Location
    Marlo, Far East Gippsland
    Posts
    4,892
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Mark L View Post
    Says Paypal is not affected.
    Of course pay$al isn't affected, there is no way they would allow anyone to steal $$$$ from someone that THEY can rip off.
    Andrew
    Nikon, Fuji, Nikkor, Sigma, Tamron, Tokina and too many other bits and pieces to list.



  8. #8
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,640
    Mentioned
    16 Post(s)
    Tagged
    0 Thread(s)
    Calm down

    There is little evidence of this bug being exploited in the wild; most sites have fixed the problem already.
    The leak of 22 million+ Adobe accounts recently was a much worse issue in practice.
    That said, changing passwords on regular basis is a good idea.
    We have a password generator in the APextras menu pull down if you need one.

    Their will be a lot of hype about this issue, and remember many have vested interests in making it worse than it really is.

    The real threat, as indicated by posts earlier in this thread, will be by social engineering attacks typically by SPAM email.
    Don't click links in emails. Use the known URL for Paypal, eBay, your bank etc.

  9. #9
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,640
    Mentioned
    16 Post(s)
    Tagged
    0 Thread(s)
    A simple overview (a bit hyped) http://www.theage.com.au/digital-lif...=1397102935877


    NAB said it had "not been exposed" to Heartbleed. "Our customers do not need to change their internet banking passwords," it said.

    Westpac said it was aware of Heartbleed but was "not susceptible".

    ANZ said it was unaffected.

    Commonwealth Bank said that it had "patched against the Heartbleed bug". It is understood, however, that only the bank's main website was affected and not its online banking website, NetBank. This means that CBA financial data was highly unlikely to have been compromised by the flaw.

  10. #10
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,640
    Mentioned
    16 Post(s)
    Tagged
    0 Thread(s)
    Some affected sites:
    https://en.wikipedia.org/wiki/Heartb...s_and_services

    • Imgur
    • 500px
    • Flickr

    I'm glad I have different passwords on different sites

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •