Approve the Cookies
This website uses cookies to improve your user experience. By using this site, you agree to our use of cookies and our Privacy Policy.
OK
Index  •   • New posts  •   • RTAT  •   • 'Best of'  •   • Gallery  •   • Gear  •   • Reviews
Guest
New posts  •   • RTAT  •   • 'Best of'  •   • Gallery  •   • Gear  •   • Reviews
Register to forums    Log in

 
FORUMS Community Talk, Chatter & Official Stuff The Lounge 
Thread started 09 Apr 2014 (Wednesday) 09:55
Search threadPrev/next
sponsored links
(this ad will go away when you log in as a registered member)

Flickr users - reset your passwords!

 
joeblack2022
Goldmember
3,005 posts
Likes: 5
Joined Sep 2011
Location: The Great White North
     
Apr 09, 2014 09:55 |  #1

The issue has apparently been fixed but there was a period of vulnerability, which Yahoo has not specifically identified.

http://www.cnet.com …n-reveals-user-passwords/ (external link)


Joel

  
  LOG IN TO REPLY
sponsored links
(this ad will go away when you log in as a registered member)
morph2_7
Goldmember
1,112 posts
Joined Sep 2012
Location: Los Angeles
     
Apr 09, 2014 12:24 |  #2

Thanks for the heads up. The question is has Yahoo fixed all of their servers? If we change our passwords now and they happen to hit Yahoo servers that have not had the fix, bad guys will have our new passwords.




  
  LOG IN TO REPLY
joeblack2022
THREAD ­ STARTER
Goldmember
3,005 posts
Likes: 5
Joined Sep 2011
Location: The Great White North
     
Apr 09, 2014 12:28 |  #3

morph2_7 wrote in post #16821544 (external link)
The question is has Yahoo fixed all of their servers?

From the article:

Yahoo said just after noon PT that it fixed the primary vulnerability on its main sites: "As soon as we became aware of the issue, we began working to fix it. Our team has successfully made the appropriate corrections across the main Yahoo properties (Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr, and Tumblr) and we are working to implement the fix across the rest of our sites right now. We're focused on providing the most secure experience possible for our users worldwide and are continuously working to protect our users' data."

I looked on Yahoo's website but couldn't find any official statement.


Joel

  
  LOG IN TO REPLY
morph2_7
Goldmember
1,112 posts
Joined Sep 2012
Location: Los Angeles
     
Apr 09, 2014 12:32 |  #4

I used this site: http://filippo.io/Hear​tbleed (external link) to test yahoo and flickr. They're both safe now.




  
  LOG IN TO REPLY
DGStinner
Goldmember
Avatar
1,040 posts
Gallery: 24 photos
Likes: 194
Joined Jan 2014
Location: Middlesex, New Jersey
     
Apr 09, 2014 12:50 |  #5

It probably wouldn't be as much of an issue if Yahoo! implemented two factor authentication.


Dave Stinner
Gripped 7DII | 6DII
EF 16-35mm f/4L IS USM | EF 24-105mm f/4L | EF 70-200mm f/4L IS USM | EF 50mm f/1.8 STM | EF 100mm f/2.8L Macro IS USM | Rokinon 8mm | Sigma 150-600
Instagram (external link)

  
  LOG IN TO REPLY
Michael60d
Member
Avatar
39 posts
Joined Feb 2012
     
Apr 09, 2014 13:23 |  #6

Even if "fixed" the damage still done, existing passwords are vulnerable. Think about changing all of your passwords for each of your important "secure" internet etc. Banking or anything "sensitive" in nature.

If, a site/server has still not patched, then changing your password now would still mean it's vulnerable, so probably a good idea to keep changing them for a while, or until you get the warm fuzzies again


- Photographer newbie who loves his 60D and learning more about photography

  
  LOG IN TO REPLY
DigitalDon
Senior Member
540 posts
Gallery: 2 photos
Likes: 32
Joined Aug 2012
Location: USA
     
Apr 09, 2014 13:28 |  #7

Michael60d wrote in post #16821700 (external link)
Even if "fixed" the damage still done, existing passwords are vulnerable. Think about changing all of your passwords for each of your important "secure" internet etc. Banking or anything "sensitive" in nature.

If, a site/server has still not patched, then changing your password now would still mean it's vulnerable, so probably a good idea to keep changing them for a while, or until you get the warm fuzzies again

Will it still be on my computer waiting for my new passwords?



(EOS RebelT3i EF-S 18 - 55 IS II Kit) (EFS 55 - 250 mm lense f/4-5.6 IS II) (YONGNUO YN 565EX flash)

  
  LOG IN TO REPLY
RWJP
Member
Avatar
120 posts
Joined Sep 2013
Location: Dorset, UK
     
Apr 10, 2014 05:31 |  #8

DigitalDon wrote in post #16821710 (external link)
Will it still be on my computer waiting for my new passwords?

No, because it is not something that exists on your computer. This is a vulnerability in an encryption/communicati​on method used by servers.


Gear:
EOS 600D w/ BG-E8| EF 75-300mm f/4-5.6 III | EF-S 18-55mm f/3.5-5.6 III | EF 50mm f/1.8 II | Speedlite 430EX II
Visit my Flickr (external link)

  
  LOG IN TO REPLY
DigitalDon
Senior Member
540 posts
Gallery: 2 photos
Likes: 32
Joined Aug 2012
Location: USA
     
Apr 10, 2014 09:04 |  #9

RWJP wrote in post #16823177 (external link)
No, because it is not something that exists on your computer. This is a vulnerability in an encryption/communicati​on method used by servers.

Thanks
This you whos that is yahoo is about as behind times as aol (my aol has alread been hacked once,don't use it anymore) would love to drop Yahoo but my service provider bellsouth/att uses them for my main email account. I wonder if Yahoo/bellsouth/ATT is going to let me know that they have their end fixed and let me know to change my password.



(EOS RebelT3i EF-S 18 - 55 IS II Kit) (EFS 55 - 250 mm lense f/4-5.6 IS II) (YONGNUO YN 565EX flash)

  
  LOG IN TO REPLY
morph2_7
Goldmember
1,112 posts
Joined Sep 2012
Location: Los Angeles
     
Apr 10, 2014 10:33 |  #10

DigitalDon wrote in post #16823477 (external link)
Thanks
This you whos that is yahoo is about as behind times as aol (my aol has alread been hacked once,don't use it anymore) would love to drop Yahoo but my service provider bellsouth/att uses them for my main email account. I wonder if Yahoo/bellsouth/ATT is going to let me know that they have their end fixed and let me know to change my password.

Yahoo is not the only one affected by this bug. There are many other websites affected by this problem. I won't worry about my Yahoo account as much as I do about my accounts at financial websites.




  
  LOG IN TO REPLY
DigitalDon
Senior Member
540 posts
Gallery: 2 photos
Likes: 32
Joined Aug 2012
Location: USA
     
Apr 10, 2014 11:12 as a reply to  @ morph2_7's post |  #11

Going to a website that I want to check the certificate of, I click on the lock icon next to the address bar, then clicking on View Certificates, I can see the info under the Details tab but how do I know if it has been patched?



(EOS RebelT3i EF-S 18 - 55 IS II Kit) (EFS 55 - 250 mm lense f/4-5.6 IS II) (YONGNUO YN 565EX flash)

  
  LOG IN TO REPLY
morph2_7
Goldmember
1,112 posts
Joined Sep 2012
Location: Los Angeles
     
Apr 10, 2014 11:18 |  #12

You can use the link in post #4 to check the site or ask the website support.




  
  LOG IN TO REPLY
DigitalDon
Senior Member
540 posts
Gallery: 2 photos
Likes: 32
Joined Aug 2012
Location: USA
     
Apr 10, 2014 11:27 |  #13

morph2_7 wrote in post #16823792 (external link)
You can use the link in post #4 to check the site or ask the website support.

I tried entering in the site I wanted to check, a blue line goes across the top of the screen but does nothing else, how long should it take for it to check a site.



(EOS RebelT3i EF-S 18 - 55 IS II Kit) (EFS 55 - 250 mm lense f/4-5.6 IS II) (YONGNUO YN 565EX flash)

  
  LOG IN TO REPLY
morph2_7
Goldmember
1,112 posts
Joined Sep 2012
Location: Los Angeles
     
Apr 10, 2014 11:33 |  #14

It should be instantaneous, about 3-5 seconds. However, I've seen the problem you're experiencing (blue line goes all the way to the right and does nothing else). I guess their site isn't that reliable or too busy. It would be better if you contact the website support.




  
  LOG IN TO REPLY
DigitalDon
Senior Member
540 posts
Gallery: 2 photos
Likes: 32
Joined Aug 2012
Location: USA
     
Apr 10, 2014 11:44 |  #15

morph2_7 wrote in post #16823824 (external link)
It should be instantaneous, about 3-5 seconds. However, I've seen the problem you're experiencing (blue line goes all the way to the right and does nothing else). I guess their site isn't that reliable or too busy. It would be better if you contact the website support.

Use to at the bottom of every website there was a link to the Web Master but I guess that is gone forever. Looked at Quicken website and my banking website and can't find anything related to asking them about a certificate update, And you know how it would be trying to talk to somebody on the phone that wouldn't have a clue as to what I was talking about.

Edited to add Found something in the Quicken forum
Recommended answer
 Quicken Kathryn

Moderator

 16 hours ago


Hi petev

As part of its ongoing commitment to maintain the security of customer data, Intuit has actively examined and is updating its servers to protect against the newly discovered “Heartbleed” vulnerability on the Internet.

At this time, there is nothing to indicate that any customer data is affected and our products are available as usual. We will provide more information as we learn more.

Further information on protecting personal information is available from the Intuit Online Security Center at https://security.intui​t.com/index.php (external link)

Thanks,



(EOS RebelT3i EF-S 18 - 55 IS II Kit) (EFS 55 - 250 mm lense f/4-5.6 IS II) (YONGNUO YN 565EX flash)

  
  LOG IN TO REPLY
sponsored links
(this ad will go away when you log in as a registered member)

2,182 views & 0 likes for this thread
Flickr users - reset your passwords!
FORUMS Community Talk, Chatter & Official Stuff The Lounge 
AAA
x 1600
y 1600

Jump to forum...   •  Rules   •  Index   •  New posts   •  RTAT   •  'Best of'   •  Gallery   •  Gear   •  Reviews   •  Member list   •  Polls   •  Image rules   •  Search   •  Password reset

Not a member yet?
Register to forums
Registered members may log in to forums and access all the features: full search, image upload, follow forums, own gear list and ratings, likes, more forums, private messaging, thread follow, notifications, own gallery, all settings, view hosted photos, own reviews, see more and do more... and all is free. Don't be a stranger - register now and start posting!


COOKIES DISCLAIMER: This website uses cookies to improve your user experience. By using this site, you agree to our use of cookies and to our privacy policy.
Privacy policy and cookie usage info.


POWERED BY AMASS forum software 2.1forum software
version 2.1 /
code and design
by Pekka Saarinen ©
for photography-on-the.net

Latest registered member is amdcasin
680 guests, 350 members online
Simultaneous users record so far is 15144, that happened on Nov 22, 2018

Photography-on-the.net Digital Photography Forums is the website for photographers and all who love great photos, camera and post processing techniques, gear talk, discussion and sharing. Professionals, hobbyists, newbies and those who don't even own a camera -- all are welcome regardless of skill, favourite brand, gear, gender or age. Registering and usage is free.