Heartbleed bug, change passwords?

Our "pub" where you can post about things completely Off Topic or about non-silent PC issues.

Moderators: NeilBlanchard, Ralf Hutter, sthayashi, Lawrence Lee

Post Reply
Tzupy
*Lifetime Patron*
Posts: 1561
Joined: Wed Jan 12, 2005 10:47 am
Location: Bucharest, Romania

Heartbleed bug, change passwords?

Post by Tzupy » Wed Apr 09, 2014 2:05 am

Should SPCR forum members change their passwords, since they may have been compromised due to the OpenSSL heartbleed bug?

HFat
Posts: 1753
Joined: Thu Jul 03, 2008 4:27 am
Location: Switzerland

Re: Heartbleed bug, change passwords?

Post by HFat » Wed Apr 09, 2014 8:13 am

I'd be grateful if you didn't change my password. :-)

Your passwords on more sensitive sites than SPCR might or might not have been compromised years ago by bugs you never heard about, by breaches unrelated to bugs or even by design.
The new announcement about this old bug is mainly for people who run servers or sites.
But of course it never hurts to periodically change your important passwords and not use the same ones on many sites (or equivalent). Don't forget to change other stuff as well because it's not only passwords which are affected. The important thing to realize is that this isn't something you should do only this once.

johannes
Posts: 53
Joined: Tue Oct 23, 2012 8:13 am
Location: Suisse Romande

Re: Heartbleed bug, change passwords?

Post by johannes » Wed Apr 09, 2014 11:16 am

SPCR does not use HTTPS and is thus not affected by Heartbleed.

On the other hand, the lack of encryption means that anybody between you and the SPCR server (somebody on the same open WIFI, your ISP, routers in between) could read your password, so you might want to avoid reusing the password you use at SPCR. (And change it elsewhere if you reused it.)

aristide1
*Lifetime Patron*
Posts: 4284
Joined: Fri Apr 04, 2003 6:21 pm
Location: Undisclosed but sober in US

Re: Heartbleed bug, change passwords?

Post by aristide1 » Sun Apr 20, 2014 6:32 pm

My precautions tend to be more like pull more cash out of the ATM and use that at Target and other stores for small purchases. I don't need this crap. The fewer transactions you create anywhere the safer you are.

Vicotnik
*Lifetime Patron*
Posts: 1831
Joined: Thu Feb 13, 2003 6:53 am
Location: Sweden

Re: Heartbleed bug, change passwords?

Post by Vicotnik » Mon Apr 21, 2014 4:55 am

I don't trust the ATMs. Safer to use a card imo.

xan_user
*Lifetime Patron*
Posts: 2269
Joined: Sun May 21, 2006 9:09 am
Location: Northern California.

Re: Heartbleed bug, change passwords?

Post by xan_user » Mon Apr 21, 2014 8:05 am

Vicotnik wrote:I don't trust the ATMs. Safer to use a card imo.
I dont trust banks (and sure as hell dont want to give them any business after the meltdown/land-grab). safer to use cash.

Vicotnik
*Lifetime Patron*
Posts: 1831
Joined: Thu Feb 13, 2003 6:53 am
Location: Sweden

Re: Heartbleed bug, change passwords?

Post by Vicotnik » Tue Apr 22, 2014 10:59 pm

xan_user wrote:I dont trust banks (and sure as hell dont want to give them any business after the meltdown/land-grab). safer to use cash.
For me it's more the danger of giving away too much information that bothers me with not using cash. My credit card is free, and they kick back 1% to me on everything I purchase. But they are watching me.. Feeding them bogus data as often as I can, buy stuff for friends etc. They give me money later, I get the 1% bonus, win-win.
I get the feeling that the risk of getting ripped off is bigger with cash though. I read about modified ATMs and such.

Not to use money at all is best. Gift economy for the win. :)

HFat
Posts: 1753
Joined: Thu Jul 03, 2008 4:27 am
Location: Switzerland

Re: Heartbleed bug, change passwords?

Post by HFat » Wed Apr 23, 2014 3:12 am

Vicotnik wrote:They give me money later, I get the 1% bonus, win-win.
Except for the person who sells you the goods (or service). They have to pay for it all.

I'm glad I live in a country where many merchants routinely charge customers extra if they insist on using this sort of credit card.

Vicotnik
*Lifetime Patron*
Posts: 1831
Joined: Thu Feb 13, 2003 6:53 am
Location: Sweden

Re: Heartbleed bug, change passwords?

Post by Vicotnik » Wed Apr 23, 2014 7:50 am

HFat wrote:Except for the person who sells you the goods (or service). They have to pay for it all.
It hurts their bottom line, sure. But handling cash also costs money. Not doing business with them at all is also no good from their perspective.

When you use money; cash, card or whatever, you have already lost. ;) No ethical way to do it.
HFat wrote:I'm glad I live in a country where many merchants routinely charge customers extra if they insist on using this sort of credit card.
This sort of credit card? A VISA card is like any other VISA card, right? With my previous card I payed a yearly fee and got no kickback on my purchases. Did I hurt the merchants less with that card?

In Sweden adding a "card fee" is illegal. I think it would be proper on small purchases, since the transfer fee eats up the earnings and then some. I use cash for small stuff in the local grocery store for this reason.

HFat
Posts: 1753
Joined: Thu Jul 03, 2008 4:27 am
Location: Switzerland

Re: Heartbleed bug, change passwords?

Post by HFat » Wed Apr 23, 2014 9:19 am

Vicotnik wrote:When you use money; cash, card or whatever, you have already lost. ;) No ethical way to do it.
Do you always deny the facts the of the matter this way?

Doesn't Sweden have its own financial system?
Vicotnik wrote:This sort of credit card? A VISA card is like any other VISA card, right? With my previous card I payed a yearly fee and got no kickback on my purchases. Did I hurt the merchants less with that card?
This sort meaning the VISA sort obviously: gringo credit cards. The perks of lack thereof hardly matter.

Vicotnik
*Lifetime Patron*
Posts: 1831
Joined: Thu Feb 13, 2003 6:53 am
Location: Sweden

Re: Heartbleed bug, change passwords?

Post by Vicotnik » Wed Apr 23, 2014 10:58 pm

Well, I'm stating my opinion and asks for the facts. You obviously have a better grasp than me when it comes to these things. Usually you are very helpful; one has to weed out the insults, but the gist of what you are saying makes sense. Most of the time. ;)

CA_Steve
Moderator
Posts: 7650
Joined: Thu Oct 06, 2005 4:36 am
Location: St. Louis, MO

Re: Heartbleed bug, change passwords?

Post by CA_Steve » Thu Apr 24, 2014 6:07 am

I'm going to change the name of this thread to Eyebleed, soon.

Post Reply