Heartbleed bug, change passwords?
Moderators: NeilBlanchard, Ralf Hutter, sthayashi, Lawrence Lee
Heartbleed bug, change passwords?
Should SPCR forum members change their passwords, since they may have been compromised due to the OpenSSL heartbleed bug?
Re: Heartbleed bug, change passwords?
I'd be grateful if you didn't change my password.
Your passwords on more sensitive sites than SPCR might or might not have been compromised years ago by bugs you never heard about, by breaches unrelated to bugs or even by design.
The new announcement about this old bug is mainly for people who run servers or sites.
But of course it never hurts to periodically change your important passwords and not use the same ones on many sites (or equivalent). Don't forget to change other stuff as well because it's not only passwords which are affected. The important thing to realize is that this isn't something you should do only this once.
Your passwords on more sensitive sites than SPCR might or might not have been compromised years ago by bugs you never heard about, by breaches unrelated to bugs or even by design.
The new announcement about this old bug is mainly for people who run servers or sites.
But of course it never hurts to periodically change your important passwords and not use the same ones on many sites (or equivalent). Don't forget to change other stuff as well because it's not only passwords which are affected. The important thing to realize is that this isn't something you should do only this once.
Re: Heartbleed bug, change passwords?
SPCR does not use HTTPS and is thus not affected by Heartbleed.
On the other hand, the lack of encryption means that anybody between you and the SPCR server (somebody on the same open WIFI, your ISP, routers in between) could read your password, so you might want to avoid reusing the password you use at SPCR. (And change it elsewhere if you reused it.)
On the other hand, the lack of encryption means that anybody between you and the SPCR server (somebody on the same open WIFI, your ISP, routers in between) could read your password, so you might want to avoid reusing the password you use at SPCR. (And change it elsewhere if you reused it.)
-
- *Lifetime Patron*
- Posts: 4284
- Joined: Fri Apr 04, 2003 6:21 pm
- Location: Undisclosed but sober in US
Re: Heartbleed bug, change passwords?
My precautions tend to be more like pull more cash out of the ATM and use that at Target and other stores for small purchases. I don't need this crap. The fewer transactions you create anywhere the safer you are.
Re: Heartbleed bug, change passwords?
I don't trust the ATMs. Safer to use a card imo.
-
- *Lifetime Patron*
- Posts: 2269
- Joined: Sun May 21, 2006 9:09 am
- Location: Northern California.
Re: Heartbleed bug, change passwords?
I dont trust banks (and sure as hell dont want to give them any business after the meltdown/land-grab). safer to use cash.Vicotnik wrote:I don't trust the ATMs. Safer to use a card imo.
Re: Heartbleed bug, change passwords?
For me it's more the danger of giving away too much information that bothers me with not using cash. My credit card is free, and they kick back 1% to me on everything I purchase. But they are watching me.. Feeding them bogus data as often as I can, buy stuff for friends etc. They give me money later, I get the 1% bonus, win-win.xan_user wrote:I dont trust banks (and sure as hell dont want to give them any business after the meltdown/land-grab). safer to use cash.
I get the feeling that the risk of getting ripped off is bigger with cash though. I read about modified ATMs and such.
Not to use money at all is best. Gift economy for the win.
Re: Heartbleed bug, change passwords?
Except for the person who sells you the goods (or service). They have to pay for it all.Vicotnik wrote:They give me money later, I get the 1% bonus, win-win.
I'm glad I live in a country where many merchants routinely charge customers extra if they insist on using this sort of credit card.
Re: Heartbleed bug, change passwords?
It hurts their bottom line, sure. But handling cash also costs money. Not doing business with them at all is also no good from their perspective.HFat wrote:Except for the person who sells you the goods (or service). They have to pay for it all.
When you use money; cash, card or whatever, you have already lost. No ethical way to do it.
This sort of credit card? A VISA card is like any other VISA card, right? With my previous card I payed a yearly fee and got no kickback on my purchases. Did I hurt the merchants less with that card?HFat wrote:I'm glad I live in a country where many merchants routinely charge customers extra if they insist on using this sort of credit card.
In Sweden adding a "card fee" is illegal. I think it would be proper on small purchases, since the transfer fee eats up the earnings and then some. I use cash for small stuff in the local grocery store for this reason.
Re: Heartbleed bug, change passwords?
Do you always deny the facts the of the matter this way?Vicotnik wrote:When you use money; cash, card or whatever, you have already lost. No ethical way to do it.
Doesn't Sweden have its own financial system?
This sort meaning the VISA sort obviously: gringo credit cards. The perks of lack thereof hardly matter.Vicotnik wrote:This sort of credit card? A VISA card is like any other VISA card, right? With my previous card I payed a yearly fee and got no kickback on my purchases. Did I hurt the merchants less with that card?
Re: Heartbleed bug, change passwords?
Well, I'm stating my opinion and asks for the facts. You obviously have a better grasp than me when it comes to these things. Usually you are very helpful; one has to weed out the insults, but the gist of what you are saying makes sense. Most of the time.
Re: Heartbleed bug, change passwords?
I'm going to change the name of this thread to Eyebleed, soon.