Just how serious is this threat from the Heartbleed website security flaw? The only reason I ask is because there is so much conflicting advice about what I should do, regarding changing passwords and so on.
It could have been very serious indeed but the industry has moved quickly and virtually all of the major institutions and sites where it could have been a problem have been fixed. Even so, a lot of websites are still vulnerable. Visiting site’s home page to check its status is worth doing but there are other ways, but only if you are using the Firefox or Chrome browsers. Two plug-ins and an extension have been developed that check for the flaw, they are Foxbleed, Heartbleed-ext and Chromebleed.
They indicate, using coloured, heart-shaped icons whether or not the site you are visiting has been patched. As a final precaution you can enter the web address in a Heartbleed Test website that also tells you if the site is safe. In the end, though, the best advice to stay safe on the web has not changed, and that is to use long, unguessable passwords, (i.e. no names or words), using a mixture of characters and punctuation marks. Use a different password for each site and change them on a regular basis.
It could have been very serious indeed but the industry has moved quickly and virtually all of the major institutions and sites where it could have been a problem have been fixed. Even so, a lot of websites are still vulnerable. Visiting site’s home page to check its status is worth doing but there are other ways, but only if you are using the Firefox or Chrome browsers. Two plug-ins and an extension have been developed that check for the flaw, they are Foxbleed, Heartbleed-ext and Chromebleed.
They indicate, using coloured, heart-shaped icons whether or not the site you are visiting has been patched. As a final precaution you can enter the web address in a Heartbleed Test website that also tells you if the site is safe. In the end, though, the best advice to stay safe on the web has not changed, and that is to use long, unguessable passwords, (i.e. no names or words), using a mixture of characters and punctuation marks. Use a different password for each site and change them on a regular basis.
No comments:
Post a Comment