darsben wrote:
It is no good to change your password UNTIL the site patches the vulnerability. MY internet accounts that used OPEN SSL have all sent me emails when done. As someone else stated it does NO GOOD to change before the patch.
FWIW Yahoo has patched.
Remember not all sites used OPEN SSL call our financial institution and ask them if they did and if they patched. If they cannot answer the question at this date I would question how securely your account information at that institution is being handled.
My IT guy says the same thing. It's actually more dangerous to change before they update. Just try not to log into sites not fixed yet.
