The Chip Board
Custom Search
   


The Chip Board Archive 23

NCR The Heartbleed program bug

I think we now know how many of the strange emails from other collectors came to be generated. Google and read about Heartbleed on the web. I first learned of it from an article in the Wall Street Journal and a news spot on CNBC yesterday.

Anyone logging onto a web site that used a recent version of the server software that manages HTTPS, the "secure" HTTP communications protocol, could have had a password stolen by a malicious hacker. They don't get into your PC at all. Virus scans don't protect you at all. Changing your password at the site that provides your email service doesn't help at all until they fix their server software; it just gets stolen again. The bug was created about 2 years ago but was only recognized recently.

My email provider (Network Solutions) just turned off all email access. I changed password once a few days ago, but the volume of sent email in my user name was so great that they locked me out again. I never see any of this as the messages are sent from the email server, not from my PC. I would imagine that's true of other email providers as well.

This situation will settle out in a few weeks as every server gets software fixed and all users' email passwords are changed but until then, it's a big mess.

Messages In This Thread

NCR The Heartbleed program bug
Don, I Just Sent You An Email! vbg
If anybody needs to email me..
That's Me, Don! vbg vbg
Thanks Don, sure makes sense!!

Copyright 2022 David Spragg