Posted on 04/09/2014 3:00:05 PM PDT by kingattax
This week web experts discovered a huge flaw in the security software used by millions of Web sites — including many banks, email and social media services. Some sites have likened the breach to leaving your front door unlocked, and anyone who knows how to open the door can intrude and expose your confidential information.
Unfortunately, the fix isn’t as simple as locking the door from inside your house. The code vulnerability exists within layers of secure Internet server coding.
So how does this affect you?
* This week web experts discovered a huge flaw in the security software used by millions of Web sites — including many banks, e-mail and social media services.
* While it is a serious concern for all web users, individual Internet users cannot take direct steps to fix the bug; it exists on Internet servers
* If a site you use is still vulnerable, any hacker who understands how to exploit the weakness will have access to names and passwords, email and message content — truly any data shared over the supposedly secure connection.
* This does not mean your information has already been affected or stolen, but it does mean your personal information is vulnerable to theft until the code fix is applied to each affected server.
(Excerpt) Read more at theblaze.com ...
Drive down and talk to your local, cute Teller.
If a vulnerability can exist with "layers of secure coding" and undermine the whole structure, why do we call them "layers?"
This appears to be ‘the big one’ and it was open source.. And the bug went unnoticed since late 2011.. This is a huge blow.
I updated my client stuff to 1.01g, which is fixed. But who knows how long actual web site owners will take to upgrade.
Ping !,,,,!,,,!
This is all Algore’s fault. He invented a flawed internet.
Any other source other than “The Blaze?” Hate that site and all of its’ pop-ups.
So it sounds like the problem is with how individual sites handle SSL. Anyone know if Bank of America or PayPal websites are affected by this?
Here’s a good source with a few things users can do to help protect themselves. However, it’s the hosting sites and their version of OpenSSL. So ultimately, end users can’t do too much.
Bttt.
Now the question is, was it really a bug, or did NSA or the Chinese put it there?
https://freerepulblic.com doesn’t exist, just http;//freerepublic.com Therefore this is not an issue.
sorry, meant to type: https://freerepublic.com
That doesn’t look like a San Francisco Bank....
The billing hours work out better.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.