Quote:
Hey ****,
It has come to light that there is a very serious security hole in the
SSL software that is used all over the internet. When you are on a
secure site (the URL usuallybegins with https://), data that should be
encrypted and unreadable may not be. On a scale of 1 to 10, this is an
11 in terms of seriousness. Until this is corrected, I would suggest
doing the following:
1. Use the Firefox browser and install the add-on for the LastPass
password manager.
2. I also suggest installing the following add-ons in Firefox:
NoScript - Allows you to control the execution of all types of scripts
on every site you visit.
AdBlock Plus - Self-explanatory.
Ghostery - Lets you control whether or not code for things like
Facebook, Twitter and Disqus get processed by the browser.
WOT (Web of Trust) - Allows you to examine safety and trusworthiness of
a site before you follow a link to it. This is particularly nice when
looking at Google search results.
3. Set up 2-step verification forany sites and services that provide
the option, such as Google. With this in place, if someone is trying to
access one of your accounts, you will receive a text message that will
tip you off to what's happening.
4. Encrypt any files containing sensitive information prior to storing
them in the cloud (DropBox, Google Drive, etc.). TrueCrypt is a common
utility for this.
5. Keep access to sensitive accounts online to a minimum (bank and other
financial sites, social security, IRS and so on) until you hear that the
hole has been patched across the net.
Sorry to alarm you, but this is important.
Talk soon,
--
*******
It has come to light that there is a very serious security hole in the
SSL software that is used all over the internet. When you are on a
secure site (the URL usuallybegins with https://), data that should be
encrypted and unreadable may not be. On a scale of 1 to 10, this is an
11 in terms of seriousness. Until this is corrected, I would suggest
doing the following:
1. Use the Firefox browser and install the add-on for the LastPass
password manager.
2. I also suggest installing the following add-ons in Firefox:
NoScript - Allows you to control the execution of all types of scripts
on every site you visit.
AdBlock Plus - Self-explanatory.
Ghostery - Lets you control whether or not code for things like
Facebook, Twitter and Disqus get processed by the browser.
WOT (Web of Trust) - Allows you to examine safety and trusworthiness of
a site before you follow a link to it. This is particularly nice when
looking at Google search results.
3. Set up 2-step verification forany sites and services that provide
the option, such as Google. With this in place, if someone is trying to
access one of your accounts, you will receive a text message that will
tip you off to what's happening.
4. Encrypt any files containing sensitive information prior to storing
them in the cloud (DropBox, Google Drive, etc.). TrueCrypt is a common
utility for this.
5. Keep access to sensitive accounts online to a minimum (bank and other
financial sites, social security, IRS and so on) until you hear that the
hole has been patched across the net.
Sorry to alarm you, but this is important.
Talk soon,
--
*******
My stepdad knows his **** and is apparently quite afraid of this. If he's scared, then I'm terrified. So keep safe out there guys. Last thing I wanna see is someone on here get screwed.