Jump to content

Heartbleed

Cellar

By Cellar
in Help & Support

Recommended Posts

  • Replies 32
  • Created
  • Last Reply
Cellar

Cellar

Posted

Done, thanks :thumbup:

 

Problem is that it's pointless to change your password if the site hasn't been patched, and the LastPass hearttbleed checker can't check thehub.

Link to comment
Share on other sites
Cellar

Cellar

Posted
Next, change your passwords for major accounts — email, banking and social media logins — on sites that were affected by Heartbleed but patched the problem. However, if the site or service hasn't patched the flaw yet, there's no point to changing your password. Instead, ask the company when it expects to push out a fix to deal with Heartbleed.
Link to comment
Share on other sites
Kranky

Kranky

Posted

I love how the security team behind releasing the bug have created such a great marketing/branding strategy. Bug announcements are usually so drab, and a big one like this really did need something special. Check out their site: http://heartbleed.com/

Link to comment
Share on other sites
Guest EdEdEd

Guest EdEdEd

Posted

Please explain to the stupid people: (i.e. me)

Link to comment
Share on other sites
Cellar

Cellar

Posted

Please explain to the stupid people: (i.e. me)

 

You know when you see https in the website address? that means the communication between you and the webserver is encrypted using SSL. The OpenSSL implementation of this has a security vulnerability that allows someone to intercept and access your info. Now, the problem is that even when you don't use the secure (https) version of a site, very often the sending of authentication info (password) is sent via SSL, so even a site like this one, which doesn't have an https version may have leaked your username/password during the login process.

Link to comment
Share on other sites
Guest EdEdEd

Guest EdEdEd

Posted

You know when you see https in the website address? that means the communication between you and the webserver is encrypted using SSL. The OpenSSL implementation of this has a security vulnerability that allows someone to intercept and access your info. Now, the problem is that even when you don't use the secure (https) version of a site, very often the sending of authentication info (password) is sent via SSL, so even a site like this one, which doesn't have an https version may have leaked your username/password during the login process.

:eek: :o

 

So change all my passwords?

 

But how does one know said site implemented the Fixed OpenSSL?

Link to comment
Share on other sites
Iwan Kemp

Iwan Kemp

Posted

You know when you see https in the website address? that means the communication between you and the webserver is encrypted using SSL. The OpenSSL implementation of this has a security vulnerability that allows someone to intercept and access your info. Now, the problem is that even when you don't use the secure (https) version of a site, very often the sending of authentication info (password) is sent via SSL, so even a site like this one, which doesn't have an https version may have leaked your username/password during the login process.

 

Thanks for the explanation. Just to be clear, is the worst that can happen here somebody gets my Hub password an post in my behalf?

Link to comment
Share on other sites
Uni

Uni

Posted

You know when you see https in the website address? that means the communication between you and the webserver is encrypted using SSL. The OpenSSL implementation of this has a security vulnerability that allows someone to intercept and access your info. Now, the problem is that even when you don't use the secure (https) version of a site, very often the sending of authentication info (password) is sent via SSL, so even a site like this one, which doesn't have an https version may have leaked your username/password during the login process.

 

how would it be different if at all if you use something like Tapatalk?

Link to comment
Share on other sites
Guest EdEdEd

Guest EdEdEd

Posted

Thanks for the explanation. Just to be clear, is the worst that can happen here somebody gets my Hub password an post in my behalf?

And any other site...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
Buy & Sell Forums Events News Stolen Bikes
Latest Ads Create Ad

All Categories

Cycling Industry Jobs All Categories

Bikes

Mountain Bikes Road Bikes Electric Bikes Triathlon & Time Trial Bikes Gravel & Cyclocross Bikes Commuter Bikes Kids Bikes Track Bikes Fat Bikes Tandem Bikes BMX Bikes Vintage Bikes Unicycles All Bikes

Electric Bikes

Mountain E-Bikes Road E-Bikes Commuter E-Bikes E-bike Frames & Parts All Electric Bikes

Frames

MTB Frames Road Frames Triathlon & TT Frames Gravel & CX Frames All Frames

Components

Drivetrain (Gears) All MTB Components All Road Components MTB Groupsets Road Groupsets Forks Rear Shocks Brakes Handlebars Stems Saddles Seat Posts Dropper Seat Posts Pedals Power Meters Vintage Components All Components

Wheels & Tyres

Complete Wheels Road Bike Wheels MTB Wheels Gravel Bike Wheels Rims Hubs Road Tyres MTB Tyres Gravel Tyres All Wheels & Tyres

Accessories

Electronic Gadgets Computers & GPS Watches & Wearables Bike Racks & Trailers Indoor Trainers & Accessories Kids Seats & Carriers Hydration & Bottles Bags & Backpacks Workshop & Tools Safety & Bike Protection Nutrition & Body All Accessories

Clothing & Apparel

Shoes Helmets Eyewear Jerseys Lycra Shorts Baggy Shorts Jackets Trisuits & Wetsuits Gloves Protective Gear Other Apparel All Clothing & Apparel

Events & Services

Event Entries Accommodation & Tours Shuttles & Bike Transport Cycling Industry Jobs Bike Services & Repairs Bike Fitment, Coaching & Training Bike Rentals Other Services All Events & Services
Sell on Bike Hub
Active Topics

Forums

General The Bike Room Sponsored
New to Cycling Ask Anything What Bike to Buy?
Gear & Bikes Tech Q&A Buyers Advice New Gear Post Your Bike & Projects Bike Shops & Services Retro / Vintage Bikes
Events & Training Events Pro Cycling Training, Health & Nutrition
Riding Group Rides Routes & Trails Share your Ride & Travels
Discipline-Specific Gravity Fixie & Singlespeed Commuting Multisport
Safety & Awareness Stolen Bikes Cycling Safety Fraud Alert Lost & Found Good Causes
Off Topic Chit Chat
Create a Topic Search Forums
Tech Events & Industry News Adventure & Travel Tips & Advice Promotions View all
Upcoming Events Create Event

All Event Categories

Browse by Category Mountain Bike Gravel and Cyclocross Virtual Ride Road Multisport General and Industry
Browse by Province Gauteng KwaZulu-Natal Free State Mpumalanga Northern Cape Western Cape Eastern Cape Limpopo North West International
Guest
Settings
    • My Forum Content My Followed Content Forum Settings
    • Ad Messages My Ads My Favourites My Saved Alerts My Pay Deals
    • Help Logout