# The "Heartbleed" Bug



## Jeffery (Oct 25, 2011)

Has HomesteadingToday been affected by the Heartbleed bug?
Do we need to change our passwords?

For those of you who have not heard; here is everything you need to know about the âHeartbleedâ bug:
http://www.komando.com/blog/247649/...rce=notd&utm_content=2014-04-10-article_0-cta

.


----------



## Shoden (Dec 19, 2012)

Based on my understanding of the Heartbleed bug, which takes advantage of a vulnerability in OpenSSL, HomesteadingToday shouldn't be affected, since it doesn't use an SSL connection.

Sites that might be an issue will, depending on your browser, display a lock icon somewhere in the browser window or include https:// in the address. Even if a site indicates that it's using SSL, that doesn't necessarily mean they're using the OpenSSL implementation, and so wouldn't be affected by the bug either.


----------



## Kung (Jan 19, 2004)

On top of that, it's not every version/implementation of OpenSSL that has the bug.

This said....I would take it *VERY* seriously. Sites that have been affected are only 'safe' once they have both patched the vulnerability AND obtained/issued new certs.


----------



## Nevada (Sep 9, 2004)

Kung said:


> On top of that, it's not every version/implementation of OpenSSL that has the bug.
> 
> This said....I would take it *VERY* seriously. Sites that have been affected are only 'safe' once they have both patched the vulnerability AND obtained/issued new certs.


I know that I'm taking it seriously. I checked my bank's site but it isn't subject to this ploy. Everyone should check web sites of their bank, credit card company, and any other secure accounts (email, cloud storage, paypal, eBay, Amazon, etc.). You can check by entering the URL at this link.

http://safeweb.norton.com/heartblee...gl:en:b|kw0000449033|38757638836|c&country=US


----------



## Belfrybat (Feb 21, 2003)

Go here to check if a site is vulnerable:
https://lastpass.com/heartbleed/

Go here to see a list of most popular sites:
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/


----------



## Belfrybat (Feb 21, 2003)

Nevada said:


> I know that I'm taking it seriously. I checked my bank's site but it isn't subject to this ploy. Everyone should check web sites of their bank, credit card company, and any other secure accounts (email, cloud storage, paypal, eBay, Amazon, etc.). You can check by entering the URL at this link.
> 
> http://safeweb.norton.com/heartblee...gl:en:b|kw0000449033|38757638836|c&country=US


Most of the sites I frequent were not affected, however I tend to use the same four passwords. So even if a site isn't affected, if the same password is used on a vulnerable site, you could still get hacked. (or whatever it is called)


----------

