Home About Backup Broadband Charity Christmas Contact Covid-19 Custom Build Data Rescue Healthcheck Installation Links Problems Rates Remote Help Service Area Security News Slow Computer Support Upgrades Web Design

Click to email for computer help Telephone 01825 763802 for computer support

Security News - Heartbleed

The Heartbleed internet security flaw.

9th April 2014

Heartbleed is a bit of monumental cock-up.

Some versions of a piece of code widely used on web servers that is used for secure transactions (eg.account login) has contained a bug since 2012. The upshot of which is it has been possible for around 2 years to see your passwords if you visited an affected web site.

For all those using the same password this is a particular disaster because they are all exposed by just the one afflicted site.

The word is that no-one knew about it until about a week ago but you probably shouldn't rely on that.

The problem now is:

If you don't change your password someone may have it.
If you do and the website has not updated their servers then someone may get both the old and the new!

Websites should be contacting their customers and telling them to change their password if they were affected and they have fixed it. Ideally those not affected should let you know they were not affected. But there seems to be very little response.

These two links contain lists of some of the few who seem to have declared their position:

  1. From the BBC more relevant to the UK
  2. From Mashable some other sites that you may use

I suggest you change passwords where they declare they have fixed the problem and probably those that claim they have never had a problem (just in case they are being economical with the truth).

Others I would wait for a while and consider closing the account if they are not forthcoming with a definitive answer.

There are some tools from reputable security software vendors that CLAIM to check which sites currently have the problem when accessed via a computer/laptop:

and this for android devices using a browser (not android apps) :