For those of you madly running around changing your passwords on the hundreds of websites where you have accounts: it might be wise to consider checking first, to see if they have patched their OpenSSL library. If they had the problem (not all sites did), and have applied the OpenSSL 1.0.1g patch (not all sites have), they should be advising you to come back and change your password. If they have the problem, and haven't applied the patch yet, you could be giving away your new password too.
Here are some references I've been reading and re-reading...
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment