On Thu, 2014-04-10 at 23:27 +0930, Tim wrote: > Allegedly, on or about 10 April 2014, Patrick O'Callaghan sent: > > Did you also change your passwords on every vulnerable site which has > > since been fixed? > > That will be a major pain. The one address offered to check whether a > service was patched was overloaded when I tried it, and probably always > will be. So you go around changing all passwords, to be safe. And will > have to continue doing that until you're sure that it's safe (which is > never, really). > > I wonder what the outcome will be if your bank account gets ripped off > due to this, for example. Can you hold the bank liable, or are they > going to say it's your problem? My simple look at the information > provided looks like it's a server and client problem.
It's going to be difficult to demonstrate either way as the attack normally leaves no traces. poc -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
