Cruisers Forum
 


Join CruisersForum Today

Reply
 
Thread Tools Rate Thread Display Modes
Old 10-04-2014, 11:08   #1
Registered User

Join Date: May 2012
Location: Central California
Boat: Catalina 30
Posts: 873
On-line Banking Bug - Heartbleed

Many of us do our banking on line. What
do you all think about the bug recently
found? It's called the Heartbleed bug and
many news sources recommend waiting a
few days to check your on-line banking,
and then changing all your passwords.
I use about 80 different passwords.
__________________

__________________
Bill
...........................................
You can't buy happiness, but you can buy ribeye.
jongleur is offline   Reply With Quote
Old 10-04-2014, 11:28   #2
Long Range Cruiser
 
MarkJ's Avatar

Cruisers Forum Supporter

Join Date: Dec 2007
Location: Australian living on "Sea Life" currently in England.
Boat: Beneteau 393 "Sea Life"
Posts: 12,828
Images: 25
Re: On-line Banking Bug - Heartbleed

Check the servers you connect to with this tool

Test your server for Heartbleed (CVE-2014-0160)
__________________

__________________
Notes on a Circumnavigation.
OurLifeAtSea.com

Somalia Pirates and our Convoy
MarkJ is offline   Reply With Quote
Old 10-04-2014, 11:37   #3
Registered User

Join Date: Feb 2011
Posts: 156
Re: On-line Banking Bug - Heartbleed

Quote:
Originally Posted by MarkJ View Post
Check the servers you connect to with this tool

Test your server for Heartbleed (CVE-2014-0160)


And I trust you to ensure if I click I won't regret it
__________________
1000 islands is offline   Reply With Quote
Old 10-04-2014, 11:56   #4
CF Adviser
Moderator Emeritus
 
Hud3's Avatar

Cruisers Forum Supporter

Join Date: Sep 2007
Location: Virginia
Boat: Island Packet 380, now sold
Posts: 8,929
Images: 49
Re: On-line Banking Bug - Heartbleed

The vunerability is specific to OpenSSL. If your bank/financial institution uses another encryption scheme you don't have to worry about Heartbleed.
__________________
Hud
Hud3 is offline   Reply With Quote
Old 10-04-2014, 12:28   #5
Registered User

Join Date: May 2012
Location: Central California
Boat: Catalina 30
Posts: 873
Re: On-line Banking Bug - Heartbleed

The vunerability is specific to OpenSSL. If your bank/financial institution uses another encryption scheme you don't have to worry about Heartbleed.

MarkJ:

Is this what we would find out by clicking on your link?
__________________
Bill
...........................................
You can't buy happiness, but you can buy ribeye.
jongleur is offline   Reply With Quote
Old 10-04-2014, 13:07   #6
Registered User

Join Date: Dec 2013
Location: Paradise
Boat: Various
Posts: 2,360
Re: On-line Banking Bug - Heartbleed

Honestly, at this point, the potential damage to be done by heartbleed is unknown. It is just known that a huge vulnerability exists. Fact is, however, we're at risk every day and many ways. It's not just online and not just credit or debit cards. Every time you use a card it's exposed. Any time you write a check as well. Anyone can produce a check with all your information and use it locally or online.

It behooves every one to take certain precautions. First, set up alerts on all your accounts to text and email you any large or international or other transaction outside normal parameters. Second, look at your account online regularly, preferably daily, so issues are caught quickly. The banks are prepared and quickly can shut cards down and reissue, shut bank accounts and give a new one. Fraud departments of some work better than others. If you see some random tiny transaction such as a penny on your account, that's someone testing and time to talk to the card company if they haven't contacted you. Be aware of things like heartbleed but also take the same precautions whether or not there's a known issue. It wasn't that long ago it was a huge card processor. Of course Target but also Neiman Marcus. Most of the issues have not come from online usage.

Then add to that regularly changing passwords as big a pain as that is. And one other thing I recommend. Keep minimal amounts in your checking account and do not get overdraft protection. That way if someone does get access they'll be limited in what they get and just get your checking balance, not your savings. And you'll be able to recover the loss from the bank, although might take a little while. My checking account always has very little money. If I was going to write a large check, I'd have to go online first and transfer money to it. Then write.

Bank account and credit information is at risk every day. Identity theft is as well. I'd suggest regularly monitoring your credit report and having some service to notify of new activity. I once had a housekeeper who got nine department store credit cards in my name sent to her at her address. She just said her address had changed and filled out the applications. She only got caught when she was buying a mobile home and right before delivery they called to verify my employment and the HR department knew something wasn't right.
__________________
BandB is offline   Reply With Quote
Old 10-04-2014, 13:13   #7
Long Range Cruiser
 
MarkJ's Avatar

Cruisers Forum Supporter

Join Date: Dec 2007
Location: Australian living on "Sea Life" currently in England.
Boat: Beneteau 393 "Sea Life"
Posts: 12,828
Images: 25
Re: On-line Banking Bug - Heartbleed

Quote:
Originally Posted by jongleur View Post
The vunerability is specific to OpenSSL. If your bank/financial institution uses another encryption scheme you don't have to worry about Heartbleed.

MarkJ:

Is this what we would find out by clicking on your link?
Yes, as far as I know.

So I put my banks website address in and that was fine. Then I put in the internet banking page URL where I put in my password (but i didnt put in my password, of course). Thats the one that starts https not just http.

And it came back with
Quote:
All good, internetbanking.xxxxxxxxxxx.net.au seems fixed or unaffected!
__________________
Notes on a Circumnavigation.
OurLifeAtSea.com

Somalia Pirates and our Convoy
MarkJ is offline   Reply With Quote
Old 11-04-2014, 23:48   #8
Registered User

Join Date: Dec 2011
Location: Thailand
Posts: 215
Images: 3
Re: On-line Banking Bug - Heartbleed

It is now being reported that the NSA is behind this bug

Sent from my SAMSUNG-SGH-I537 using Cruisers Sailing Forum mobile app
__________________
If your ship doesn't come in, swim out to it!
captainbri is offline   Reply With Quote
Old 12-04-2014, 00:35   #9
Registered User
 
Tx J's Avatar

Join Date: Jan 2013
Location: South Texas
Boat: Newport 28 & Robalo 20
Posts: 363
Re: On-line Banking Bug - Heartbleed

Quote:
Originally Posted by captainbri View Post
It is now being reported that the NSA is behind this bug

Sent from my SAMSUNG-SGH-I537 using Cruisers Sailing Forum mobile app
IIRC, the NSA has merely been aware of it, has kept quiet about it, and exploited it when it suited them. The NSA seemingly didn't actually originate it. They do engage in their own little adventures though, only some of which we know of.
Worldwide there are hordes of others (so-called "hackers", et al.), both private/non-state and state actors, swimming in the primordial soup of the 'internetz'.
__________________

__________________
Tx J is offline   Reply With Quote
Reply

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Banking Outside the US in Western Hemisphere Mule Dollars & Cents 53 04-08-2010 15:03
Banking Abroad Silverbow Dollars & Cents 35 17-04-2010 15:59
Banking while cruising Sonosailor General Sailing Forum 10 28-12-2003 18:45



Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -7. The time now is 05:16.


Google+
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Social Knowledge Networks
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.

ShowCase vBulletin Plugins by Drive Thru Online, Inc.