Skip to main content

The BBC have an article about the heartbleed bug:

http://www.bbc.co.uk/news/technology-26971363

It includes a table of some of the major sites people use in this country:

 

NameVulnerable?Patched?Change password?

Amazon

No

No need

Only if shared with vulnerable service

Amazon Web Services

Yes

Yes

Yes

Apple

Not clear

Not clear

Not clear

Barclays

No

No

Only if shared with vulnerable service

eBay

No

No need

Only if shared with vulnerable service

Evernote

No

No need

Only if shared with vulnerable service

Facebook

Yes

Yes

Yes

Google/Gmail

Yes

Yes

Yes

HSBC

No

No need

Only if shared with vulnerable service

If This Then That

Yes

Yes

Will force users to log out and ask them to update

LinkedIn

No

No need

Only if shared with vulnerable service

Lloyds

No

No need

No

Microsoft/Hotmail/Outlook

No

No need

Only if shared with vulnerable service

PayPal

No

No need

Only if shared with vulnerable service

RBS/Natwest

No

No need

Only if shared with vulnerable service

Santander

No

No need

Only if shared with vulnerable service

Tumblr

Yes

Yes

Yes

Twitter

No

No need

Only if shared with vulnerable service

Yahoo/Yahoo Mail

Yes

Yes

Yes

El Loro
Originally Posted by Yogi19:

I've checked out a couple of sites I use, via the link on the BBC site, and it says to change your password - but wait until the patch has been added by the site. How do I know if/when a site has added the patch?

I think the sites which are in the table above which show that they were vulnerable but now patched are OK to go ahead and change passwords. For other sites it's confusing. It is likely that larger sites which are affected should be patched by the end of today (the tech people were talking about 4 hours from when the news became mainstream). So avoid using the sites today, then change the passwords over the weekend. Small sites may take longer to be sorted out.

 

El Loro
Originally Posted by El Loro:
Originally Posted by Yogi19:

I've checked out a couple of sites I use, via the link on the BBC site, and it says to change your password - but wait until the patch has been added by the site. How do I know if/when a site has added the patch?

I think the sites which are in the table above which show that they were vulnerable but now patched are OK to go ahead and change passwords. For other sites it's confusing. It is likely that larger sites which are affected should be patched by the end of today (the tech people were talking about 4 hours from when the news became mainstream). So avoid using the sites today, then change the passwords over the weekend. Small sites may take longer to be sorted out.

 

Thanks El, that's a great help.

Yogi19
Originally Posted by El Loro:
Originally Posted by Yogi19:

I've checked out a couple of sites I use, via the link on the BBC site, and it says to change your password - but wait until the patch has been added by the site. How do I know if/when a site has added the patch?

I think the sites which are in the table above which show that they were vulnerable but now patched are OK to go ahead and change passwords. For other sites it's confusing. It is likely that larger sites which are affected should be patched by the end of today (the tech people were talking about 4 hours from when the news became mainstream). So avoid using the sites today, then change the passwords over the weekend. Small sites may take longer to be sorted out.

 

Thanks EL, I have changed my FB one which is the only one affected I think.

squiggle
Originally Posted by Ells:
Originally Posted by Enthusiastic Contrafibularities:

 

 

Nope, no one managed to get it. 

I don't know any Depeche Mode songs ( I am waaaaaaaaaayyyyy too young for that )  but didn't you once say your passwords are the first letter of the first word in the lines of a song or something like that?

 

Yes, you are right, that is exactly what I do  Good memory.

 

Please don;t take this the wrong way Ells, not meant as a dig in any way  but knowing Depeche Mode songs has nothing to do with age, it's more to do with interest. My 14 year old niece is very much into the music of the Mod scene from the 60's and 80's. She also has an interest in current music. I think if you are just into contemporary music, that's fine, but there are plenty of people who like to look back and enjoy some of the great music of the past.

 

What's betting you go straight out today and buy up the DM back catalogue 

Enthusiastic Contrafibularities
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by Ells:
Originally Posted by Enthusiastic Contrafibularities:

 

 

Nope, no one managed to get it. 

I don't know any Depeche Mode songs ( I am waaaaaaaaaayyyyy too young for that )  but didn't you once say your passwords are the first letter of the first word in the lines of a song or something like that?

 

Yes, you are right, that is exactly what I do  Good memory.

 

Please don;t take this the wrong way Ells, not meant as a dig in any way  but knowing Depeche Mode songs has nothing to do with age, it's more to do with interest. My 14 year old niece is very much into the music of the Mod scene from the 60's and 80's. She also has an interest in current music. I think if you are just into contemporary music, that's fine, but there are plenty of people who like to look back and enjoy some of the great music of the past.

 

What's betting you go straight out today and buy up the DM back catalogue 

Dammit EC!!!  You made me go google their songs and it turns out I'm not that young after all  I may know a song or two after all.  BUT, in my defence, I couldn't have told you that 'I just can't get enough' was a DP song.  I just know songs from that time, not the bands/singers.

 

And it's because I'm too young.....alright?    

Ells

Add Reply

×
×
×
×
Link copied to your clipboard.
×
×