Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

[Heartbleed bug] Have you changed your internet passwords yet?

  1. Apr 11, 2014 #1

    D H

    User Avatar
    Staff Emeritus
    Science Advisor

    If you haven't, you should rethink that thanks to the heartbleed bug. Your passwords on a supposedly secure website most likely are not secure, thanks to this bug.

    The last two xkcd.com cartoons depict the problem quite nicely:


  2. jcsd
  3. Apr 11, 2014 #2
    Does physicsforums use open SSL?
  4. Apr 11, 2014 #3
    Is there a list of (important) websites that says which sites are secure (now) and which aren't?
  5. Apr 11, 2014 #4
  6. Apr 11, 2014 #5
  7. Apr 12, 2014 #6


    User Avatar
    Staff Emeritus
    Science Advisor


    Bloomberg reports that, according to “two people familiar with the matter,” the NSA has known about the Heartbleed vulnerability for at least two years—and was exploiting it to collect information about people instead of informing those vulnerable and getting it fixed.

    According to Slate, "In early 2012 Heartbleed was mistakenly introduced into the code for OpenSSL, an open-source software component for certain popular types of encryption. It would make sense if the NSA found it soon after, because—in addition to using its influence to weaken new or existing encryption—the agency also spends millions of dollars looking for software vulnerabilities that already exist around the Web, especially in open-source code that is more likely to have inconsistent oversight, and therefore bigger errors."
  8. Apr 12, 2014 #7


    User Avatar
    Science Advisor
    Homework Helper

    I guess if I wanted to collect a lot of user data right now, a good way would be set up a website where people can enter their the user names and passwords and have them checked to see if they have been stolen :devil:
Share this great discussion with others via Reddit, Google+, Twitter, or Facebook