1. I read that the exploitation was discovered/created/exploited by a benign hacker. i.e. Someone who did it to draw attention and not to use it.
2. I also read that it was a real vulnerability and that, although banks, etc., would patch pretty quickly, there was a slim chance someone could have got your credentials. The advice was to change all passwords immediately and then change them again after a couple of weeks just in case. 3. Lastly, I logged into First Direct Bank and they are displaying a notice which says, "Don't worry. There's no risk. You're safe". So take your pick. Brian Sent from my iPhone > On 29 Apr 2014, at 18:23, gary smith <gazwebdes...@msn.com> wrote: > > I have just been reading a about the Heart Bleed Bug s and the report say's > open source programs can be vulnerable and that Some operating system > distributions that have shipped with potentially vulnerable OpenSSL version: > Debian Wheezy (stable), OpenSSL 1.0.1e-2+deb7u4 > Ubuntu 12.04.4 LTS, OpenSSL 1.0.1-4ubuntu5.11 > CentOS 6.5, OpenSSL 1.0.1e-15 > Fedora 18, OpenSSL 1.0.1e-4 > OpenBSD 5.3 (OpenSSL 1.0.1c 10 May 2012) and 5.4 (OpenSSL 1.0.1c 10 May 2012) > FreeBSD 10.0 - OpenSSL 1.0.1e 11 Feb 2013 > NetBSD 5.0.2 (OpenSSL 1.0.1e) > OpenSUSE 12.2 (OpenSSL 1.0.1c). > I have also seen adverts saying Heart bleed Bug removal software available. > Has anyone had any dealings with this problem or is it scare mongering. > Gary Smith > _______________________________________________ > Peterboro mailing list > Peterboro@mailman.lug.org.uk > https://mailman.lug.org.uk/mailman/listinfo/peterboro
_______________________________________________ Peterboro mailing list Peterboro@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/peterboro
