On 10/04/2014 16:36, Mark Wonsil wrote:
> I agree with John. Change your password AFTER the server remediation is
> completed or at least change it again after remediation.
>
>   etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
I received the following in an email from a site I'm registered with, 
suggesting how you can tests sites for vulnerability.

I cannot vouch for filippo.io  so beware/check out before using


      Advice for web users:

There are ways you can test if websites you visit are vulnerable to the 
'Heartbleed Bug' before you enter any personal details on them.
If you are a Chrome user you can download a Chrome Extension, 
Chromebleed, which warns you when a site you're visiting has been affected.
https://chrome.google.com/webstore/detail/chromebleed/eeoekjnjgppnaegdjbcafdggilajhpic 


There is also a test site you can check by domain names
http://filippo.io/Heartbleed/


        Changing Passwords

As a precautionary measure, people are being advised to change the 
passwords for all of their online accounts -- especially the most 
sensitive accounts (Internet Banking, Email, Social Networks etc...).
If you decide to undertake these [painfully laborious] measures, may we 
advise that you *do not change your password with a website until you 
are certain that they have already patched the 'Heartbleed Bug'.* This 
will ensure the safety of your new set of passwords.

-- 
Alan Yeo
[log in to unmask]    Just because you're paranoid
Phone +44 1684 291710   it doesn't mean someone isn't!.

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *