Welcome! Here are the website rules, as well as some tips for using this forum.
Need to contact us? Visit https://heatinghelp.com/contact-us/.
Click here to Find a Contractor in your area.
Heartbleed bug
Options
Gordan
Member Posts: 891
By now, at least some of you have probably heard of the bug in software that enables the secure communications between (some - reportedly about 66%, including this one) web servers and browsers (and a lot of other non-web stuff), called OpenSSL. <a href="http://heartbleed.com/">http://heartbleed.com</a> has more info, but suffice to say that it's a very serious bug that allows bad guys to steal any data from the vulnerable server's memory, such as passwords and even the server's own private key that can be used to decrypt any data sent to, and from, the server in the future, unless the key is changed. If you want to see if any website you frequent is currently vulnerable, you can type the address into the domain name field at <a href="https://www.ssllabs.com/ssltest/">https://www.ssllabs.com/ssltest/</a> and it will generate a nifty report for you. (HeatingHelp is not <em>currently</em> vulnerable, although it might have been in the past and its SSL certificate may need to be reissued - Dan?)
It's probably a very good idea to use this as a reason to change your passwords to any web sites where you have accounts, but especially those tied to your bank and investment accounts, your personal information, etc. And when you change those passwords, be sure to change any "forgotten password recovery" questions and answers, don't use the same (or similar) password for critical and noncritical sites (so that one silly website slipping up in the future doesn't expose all of your accounts to the bad guys) and use a password manager (such as <a href="http://passwordsafe.sourceforge.net/">http://passwordsafe.sourceforge.net/</a> or <a href="http://keepass.info/">http://keepass.info/</a> ) to deal with the multiple passwords in a way that won't hurt your head too much.
It's probably a very good idea to use this as a reason to change your passwords to any web sites where you have accounts, but especially those tied to your bank and investment accounts, your personal information, etc. And when you change those passwords, be sure to change any "forgotten password recovery" questions and answers, don't use the same (or similar) password for critical and noncritical sites (so that one silly website slipping up in the future doesn't expose all of your accounts to the bad guys) and use a password manager (such as <a href="http://passwordsafe.sourceforge.net/">http://passwordsafe.sourceforge.net/</a> or <a href="http://keepass.info/">http://keepass.info/</a> ) to deal with the multiple passwords in a way that won't hurt your head too much.
0
Comments
-
Out there:
Although these threats may be out there, and I don't discount vulnerabilities, I always get nervous when I can go to some Web Site, they I would never be going to is able to get information from me through my connections. I've has so many web sites warn me by my anti-virus software, what I just don't act like the reat of the sheep in the flock.
I'm sure that Dan and his administrators are on the leading edge of Spamster evil.0 -
All checked out by the techies.
We are, and have been, fine. Thanks.Retired and loving it.0
Categories
- All Categories
- 85.2K THE MAIN WALL
- 3.1K A-C, Heat Pumps & Refrigeration
- 55 Biomass
- 424 Carbon Monoxide Awareness
- 73 Chimneys & Flues
- 1.9K Domestic Hot Water
- 5.2K Gas Heating
- 129 Geothermal
- 160 Indoor-Air Quality
- 3.3K Oil Heating
- 61 Pipe Deterioration
- 884 Plumbing
- 5.9K Radiant Heating
- 376 Solar
- 14.7K Strictly Steam
- 3.2K Thermostats and Controls
- 59 Water Quality
- 49 Industry Classes
- 89 Job Opportunities
- 28 Recall Announcements