<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi, Cameron, Drew, et al.: <br>
<br>
<br>
1. Do you have any reactions to the suggestion that a user
could increase rather than decrease their vulnerability if they
change a password BEFORE a host fixes the software on their end?
The concern is that some of the information stolen via Heartbleed
may still need need more work to decode than a password change
before the host software is patched. If this is accurate, we
should first check the hosts for our greatest vulnerabilities to
ensure that they've installed an appropriate patch, then change
our password, log out, then quickly log back in and change the
password again, as Cameron suggested. If I understand correctly,
the need to change the password twice is because a data thief may
catch the first password change but is unlikely to be able to
react quickly enough with that new information to catch your
second password change if you do it quickly enough. <br>
<br>
<br>
2. Wikipedia has an article on "Heartbleed", which been
updated every few minutes since it was created 2014-04-09 04:39
UTC. If you have information that you feel is not properly
reflected there, I'd like to know. I might be able to help update
it, though my schedule today is quite busy. <br>
<br>
<br>
Be safe. <br>
Spencer <br>
<br>
<br>
On 4/10/2014 6:16 AM, Drew wrote:<br>
</div>
<blockquote
cite="mid:ade0abf6-f97f-4e0e-895e-4647ea41e79f@email.android.com"
type="cite">Cameron, I and others can help people move to a
(user-friendly), freedom-respecting GNU/Linux computer system such
as Puppy Linux <a moz-do-not-send="true"
href="http://puppylinux.com">http://puppylinux.com</a> , or
Zorin <a moz-do-not-send="true" href="http://www.zorin-os.com">http://www.zorin-os.com</a>/
, or Linux Mint, etc.<br>
<br>
Green is Freedom!<br>
<br>
Drew<br>
-- <br>
Sent from my Android device with K-9 Mail. Please excuse my
brevity.
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
sosfbay-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:sosfbay-discuss@cagreens.org">sosfbay-discuss@cagreens.org</a>
<a class="moz-txt-link-freetext" href="http://lists.cagreens.org/cgi-bin/mailman/listinfo/sosfbay-discuss">http://lists.cagreens.org/cgi-bin/mailman/listinfo/sosfbay-discuss</a></pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Spencer Graves, PE, PhD
President and Chief Technology Officer
Structure Inspection and Monitoring, Inc.
751 Emerson Ct.
San José, CA 95126
ph: 408-655-4567
web: <a class="moz-txt-link-abbreviated" href="http://www.structuremonitoring.com">www.structuremonitoring.com</a>
</pre>
</body>
</html>