On 4/10/2014 5:32 PM, g wrote:
On 04/11/14 02:14, David wrote: <<>> On 4/10/2014 3:49 PM, g wrote:
would you have a suggestion of a link that give a good detailed description of what bug is all about and how some sites are effected while others are not?
Sure. Explained as simply (non geeky) as i have seen.
"The Heartbleed Bug"
ok. been there. read it.
in following the links in the "theatlantic.com/technology/" article, mainly;
https://lastpass.com/heartbleed/ http://possible.lv/tools/hb/ https://www.ssllabs.com/ssltest/
my main concern for security is with my bank, and norton/symantec, which at all 3 of above links;
bank = 'not vulnerable', and ssllabs gives a "B"
us.norton = 'not vulnerable', and ssllabs gives a "F"
symantec.com = "Warning: Inconsistent server configuration" and grades of "F", "B", "B"
grc.com = "A+", "A+"
with above, i do not believe i will worry about my passwords for tech support groups that i subscribe.
like, what would some crazy do with such anyway?
layout for passwords for above 4 sites is totally different from what i use for support groups and non tech list.
to quote a childhood idle, Alfred E Newman, "What? Me worry?"
thanks. have a great one.
Sure. I would not really *greatly* care about tech sites password. I would be (was) concerned about my 'money' sites. The sites had to used openssl. Which would be any Apache and another one that I can not recall at the moment.
But? This time the 'ten feet tall and bullet proof because I use Linux' Bull$$hit failed. This one is Linux centered. Period. A programer created this and added it to the code. And 'free and a no money' supported program mistake not caught for about two years.
IMHO? The problem with 'free is that you get what you pay for in the end. A group of nice people working part time for nothing. No real resources. People with real jobs that pay. Families. And 'part time support'. I tip my hat but? Sad.