How the Heartbleed bug affects users

**CharlesA** · April 10th, 2014

There is a bunch of info regarding this bug over here: http://heartbleed.com/ but it is mostly geared to server administrators.
This explanation is more suited to users: http://www.vox.com/2014/4/8/5593654/...romise-privacy

As far as users are concerned, there isn't much they can do except check with any sites they use and see if they have been patched.

If they have been patched, change your passwords. I would even go so far as to change passwords for sites that say they are unaffected, just in case.

There are some resources to help with that including a scanner from LastPass: https://lastpass.com/heartbleed/

I also found a small list of commonly used sites that said if they were affected or not. It can be found here:
http://mashable.com/2014/04/09/heart...ites-affected/

Hope this helps.

**pfeiffep** · April 10th, 2014

+1

Originally Posted by CharlesA

There is a bunch of info regarding this bug over here: http://heartbleed.com/ but it is mostly geared to server administrators.
This explanation is more suited to users: http://www.vox.com/2014/4/8/5593654/...romise-privacy

As far as users are concerned, there isn't much they can do except check with any sites they use and see if they have been patched.

If they have been patched, change your passwords. I would even go so far as to change passwords for sites that say they are unaffected, just in case.

There are some resources to help with that including a scanner from LastPass: https://lastpass.com/heartbleed/

I also found a small list of commonly used sites that said if they were affected or not. It can be found here:
http://mashable.com/2014/04/09/heart...ites-affected/

Hope this helps.

Thanks for this informed information. Here's another site for end users to check (scan) sites they normally visit, or here

**pfeiffep** · April 11th, 2014

Here's a nice slide show summarizing Heartbleed

**CharlesA** · April 11th, 2014

Originally Posted by pfeiffep

Here's a nice slide show summarizing Heartbleed

Good slideshow.

**pqwoerituytrueiwoq** · April 11th, 2014

how can i check for myself to see if a site is affected? (IE attempt to use this exploit to see if they are affected)

**CharlesA** · April 11th, 2014

Originally Posted by pqwoerituytrueiwoq

how can i check for myself to see if a site is affected? (IE attempt to use this exploit to see if they are affected)

Use the scanner lastpass has up, but keep in mind nothing is 100%.

**dave_moran** · April 12th, 2014

thx for the help.

**rburkartjo** · April 12th, 2014

here is the link

https://www.ssllabs.com/ssltest/

please know it might take a few minutes

http://ubuntuforms.org sever got an A-

**sandyd** · April 12th, 2014

Merged.

**QDR06VV9** · April 14th, 2014

This was todays(4-14-2014) check.

Code:

Site:
ubuntuforums.org

Server software:
Apache/2.2.22 (Ubuntu)

Was vulnerable:
Possibly (known use OpenSSL, but might be using a safe version)

SSL Certificate:
Now Safe (created 6 days ago at Apr  8 14:28:06 2014 GMT)

Assessment:
Change your password on this site if your last password change was more than 6 days ago

So has everybody changed there passwords?

Thread: How the Heartbleed bug affects users

Thread Tools

Display

How the Heartbleed bug affects users

Re: How the Heartbleed bug affects users

Re: How the Heartbleed bug affects users

Re: How the Heartbleed bug affects users

Re: How the Heartbleed bug affects users

Re: How the Heartbleed bug affects users

Re: How the Heartbleed bug affects users

ref heartbleed bug here is an SSL Server Test

Re: How the Heartbleed bug affects users

Re: How the Heartbleed bug affects users

Bookmarks

Bookmarks

Posting Permissions

Site:	ubuntuforums.org
Server software:	Apache/2.2.22 (Ubuntu)
Was vulnerable:	Possibly (known use OpenSSL, but might be using a safe version)
SSL Certificate:	Now Safe (created 6 days ago at Apr 8 14:28:06 2014 GMT)
Assessment:	Change your password on this site if your last password change was more than 6 days ago