Heartbleed bug and what you need to know

Discussion in 'Lets Talk about gambling and more...' started by Kotsy, Apr 12, 2014.

Play Book of RA Online
  1. Kotsy

    Kotsy Well-Known Member

    Since the start of this week, many news outlets have been reporting on the bug nicknamed Heartbleed. It's a bug that
    could put all passwords and sensitive data at risk for all online users. Why it took so long for it to become public, I'm not sure.
    Many of the most popular sites had already taken action against it.

    It's gotten every internet user into a frantic pace and just want to put it in laymen terms for you to understand
    and what you need to do.

    Will not get to technical with it, but it starts out with websites that use a specific encryption coding to "protect" your information and the bug was
    able to infiltrate many sites. According to CNN, Yahoo users seems to be the most prevalent for this security breach along with other popular sites and
    they are all in the process of sending out a patch to fix the problem.
    All users are being advised to watch for an email to change their passwords and to monitor all their online activity from bank accounts to online buying.

    Most popular sites such as Google, Amazon and others state that they have fixed the issue. Nothing addresses the fact as to if any of your personal information
    was compromised.

    As an avid internet user, I would suggest going in and changing your passwords for all online accounts and monitor the activity.
    I would rather be bothered by an hour of updating information instead of years trying to take care of an identity theft or chargers to an account that I never authorized.

    Once again, the low life scum of online hacking has occurred.
    VaennyTi and Marina like this.
  2. VaennyTi

    VaennyTi Well-Known Member

    Thanks for that post Kotsy :)

    There is also an important issue about the RC4 encryption to be noticed. There are some banking sites, which had used this type of encryption, to be sure, that you don't login with that low encryption method,just check your banking-Login site as following:

    1. Open your bankingsite (The Login-Page!)
    2. for firefox: there is always a keylock-symbol in the "www-bar" left
    3. klick on it and look for more information--> there is a headline with technical details with the encryptiontype... if there is the RC4-encryption used, be careful, this is a very low encryption and not really safe. To change this you can to this:


    1. Open a new tab
    2. type in about:config
    3. click "I know what I do" (something like this to move forward)
    4. in the searchbar type in "RC4"
    5. now there are 4 RC4 encryptiontypes been shown, all are "true", click the first three of them double, to make them "false". Then close the tab.
    6. now check your bank account again and you will see, there isn't any RC4 encryption anymore. There will be and SHOULD BE an "AES CBC SHA 128 or 256 bit encryption".

    you can change this all the time you want to, if you notice, that some sites doesn't work any more as good as before. That is then, because the site don't have another encryption method and have to use the RC4... then just change as I have metioned above in "true" again, and see if the site is working again.

    Have a nice weekend all together!^^

    Bye for now,
    Ellis, Kotsy and Marina like this.
Quasar Gaming