V-Flyer

What do people here know about this? I know it's hit the news in a big way over the last few days, but from what I read, it's been around a fair while and only just been picked up - so we've all been possibly at risk? How much of this, if any, is scaremongering?????

Basically its a vulnerability within SSL. When you visit a secure website you see the golden padlock on your address bar. Well turns out its been compromised for some time and that the details you thought were secure might not have been.

The only thing users can do is reset their passwords. It is up to the websites using SSL (banking, home shopping, email etc.) to patch their servers to protect our data.

If you want to check the website you are using is affected go to the link below and type in the url of the website you are going too.

http://filippo.io/Heartbleed/

hope this helps somewhat.

Allymc316

There's little point resetting passwords until the websites have been patched though...lots of places mentioning resting passwords but failing to mention this.

That was pretty much what I thought James. Difficulty is knowing when sites are patched. I did go to that site and input virginatlantic - it came up with 'advanced - ignore certificates' - which doesn't mean anything to me, I need plain English!

This site seems to speak in English:

https://lastpass.com/heartbleed/

Though, worryingly, virgin atlantic is showing as possibly being vulnerable. Although the virgin money site appears to have been patched....

What about this website (V-flyer)? Does it use OpenSSl, if vunerable has it been fixed? I understand there's no point changing passwords until it has been fixed.