No announcement yet.

About the "Heartbleed" security flaw

  • Filter
  • Time
  • Show
Clear All
new posts

    About the "Heartbleed" security flaw

    Reports about the "Heartbleed" security flaw in the news are not just idle talk. Taking the easy way out by using the same password on multiple Websites or by using weak passwords just won't work any more.

    I've been checking every Website I go to by pasting its URL into the window provided here:

    Only registered and activated users can see links., Click Here To Register...

    You can check any https Website's vulnerability this way and be advised about what to do.

    BrainTalk isn't one of the vulnerable Websites, and many message boards aren't. But you'd be surprised at how many Websites have been affected. It doesn't mean you shouldn't go there--but you should follow the recommendations about changing passwords.

    I've been doing online banking and shopping for many years and never had a problem before, but just as Heartbleed came along, I had to replace both my credit cards because of unauthorized charges that appeared on them.

    That's the kind of thing that can happen with this Heartbleed flaw.
    Last edited by agate; 04-17-2014, 10:21 AM.
    SPMS diagnosed 1980. Avonex 2001-2004. Copaxone 2006-2009. Glatiramer acetate since December 2020.

    Our host "could have been" vulnerable. They took steps to protect themselves/their clients just to be safe. There is no need for anyone to worry about heartbleed and BrainTalk
    Question: Why can't I post links or pictures?
    Question: Why can't I have a signature, avatar, or profile picture?
    Question: What's wrong with my account?

    Answer: You are in the "registered users" user group. This group is very limited in what it can do. This will annoy spammers to no end Just keep posting once you have been registered for 30 days and have made 11 posts your account will be "unlocked".

    It's really easy to put someone on ignore and it's strongly recommended that you do so with people who's posts you don't like.

    Step 1 - log in
    Step 2 - click on the "settings" link
    Step 3 - click on the "edit ignore list" link on the left side of the screen
    Step 4 - type (or paste if you copied and pasted it) the username of the person you want to ignore
    Step 5 - click the "ok" button on the right of the screen

    Easy peasy and will lower your blood pressure. One important note though, this won't hide quoted posts. It's an oversight on the developers part and it's not an easy thing to "fix." So if someone quotes someone you have ignored, you'll see the quote.

    Alternatively when you click on a person's name and view their profile page, underneath their avatar, there is a option that says, "Ignore this person". Click that link and then click the yes button.


      ((((((agate)))))) ~

      Thank you so much for posting this link for us. I've checked the majority of the sites we use regularly, and only two of them recommended changing our password, which is comforting.

      This is one of the main reasons why I don't do banking, pay bills or taxes on line. We've all been boogieing down the internet superhighway, like all is well, and then something this major occurs, and we all have to scramble to keep ourselves safe.

      Of course, I do shop and order on line (a lot, given our circumstances), and two of the government agencies associated with Jon's care require on line transactions. We only have one credit card, and the company alerts us if they see a red flag.

      I'm going to share your link with my friends, and on their behalf, I thank you!

      ((((((Mike)))))) ~

      Thank you for the reassurance!

      Love & Light,

      Mom to Jon, 49, & Michael, 32, born with an undiagnosed progressive neuromuscular disease. Angel Michael received his wings in 2003. Angel Jon received his wings in 2019. In 2020, Jim, their Dad, joined them.


        For those who don't have Norton Anti-Virus, here are some excerpts from an e-mail Symantec sent to Norton AV users today:

        Due of the complex nature of this vulnerability, changing your passwords before sites update their version of OpenSSL won’t fully protect you. Here are some simple steps you can take as a precaution:

        Change your passwords on any website that contains sensitive information about you. You should first confirm that the site does not contain the Heartbleed vulnerability...
        If you’ve reused passwords on multiple sites, it’s especially important to change them. ...
        Beware of phishing emails and type website addresses directly in your browser instead of clicking on a link through an email.
        Monitor your bank and credit card accounts for unusual activity.
        It may take an extended period of time for all the sites affected by Heartbleed to fix this vulnerability. ...We recommend you only exchange personal or sensitive information such as your credit card number if the site is not affected by Heartbleed.
        I've deleted parts that apply only to Norton users, but anyone can use the LastPass link given in my earlier post to check a Website's vulnerability.

        Mike, thanks for the reassuring words.
        SPMS diagnosed 1980. Avonex 2001-2004. Copaxone 2006-2009. Glatiramer acetate since December 2020.