More about Heartbleed

Mariano Amartino, from the blog Denken Über [es], explains on a detailed and graphic post the OpenSSL software vulnerability known as Heartbleed and notes that:

Speaking clearly, the ONLY way of fixing this problem is that vulnerable sites (more than tens of thousands) carry out an OpenSSL update and issue their security certificates again.

What does this mean for me? Basically, that even though you change the password, if the certificate hasn't been updated, it is still vulnerable (you can check site by site using this Heartbleed vulnerability tool on Lastpass) and by using the same password, almost all your online presence is compromised :)

Start the conversation

Authors, please log in »

Guidelines

  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.