View Single Post
Old April 10th, 2014, 02:12 PM   #12 (permalink)
- Crazy peacock person -
Thread Author (OP)
MoodyBlues's Avatar
Join Date: Jan 2011
Location: /home/LosAngeles
Posts: 3,340
Device(s): Kindle Fire HD 8.9" (rooted), Motorola Atrix 2, Motorola Atrix 4G (retired), Motorola Bravo (retired
Carrier: AT&T

Thanks: 1,094
Thanked 1,564 Times in 969 Posts

Originally Posted by SiempreTuna View Post
The vulnerability also affects clients, potentially including phones and tablets.

The Google site states:

Basically, if you're running 4.1.1 it may be worth contacting your phone manufacturer, otherwise your phone / tablet should be OK - though obviously, the servers you connect to may not.
Now I can claim to have been prescient! I wanted to avoid the Heartbleed thing, and THAT'S why I never got around to upgrading any of my Android devices above 4.0.4.

Having read a bit more on this, it occurs to me that you BEFORE you change your password on an affected site, you might want to ensure they've fixed the bug. If not, you'd potentially be exposing your new and old passwords to a watcher who didn't have the old one
This is a very good point. The problem I'm seeing is that people contacting sites end up with CSRs who don't even know what they're talking about. Think about the usual outcome of a random call to some place like Bank of America; you call their 800 number and get a menu of choices; none of those choices will take you to an IT-smart, up-to-the-minute informed tech person.

MoodyBlues is offline  
Reply With Quote