In short, as an end-user, you can’t do anything except refrain from going to web sites that are vulnerable (check with this tool: http://ift.tt/1kkYl58). I bet someone will make a browser extension for that. Maybe Google will push an update to Chrome, for instance, that checks the site for the vulnerability before displaying the “safe https” stuff in the URL bar.
If you want to use a web site that is vulnerable, try to contact the owner and ask them to update the OpenSSL package on their servers.
You’re going to want to change your passwords. But not yet. You’re going to have to wait until after servers get updated to fix the bug.
Here’s another post on the topic:
No comments:
Post a Comment