Yeah, I checked mysidia a few days ago, Miki is right.
Most things were patched on the first day, but this bug's been around for 2 years and even the website I used for checking was spitting sensible information. I don't think there's anything we can do at the moment honestly. You can only change your password after the website has patched the bug and issue a new SSL certificate.
This bug was caused by a mistake in the code we are actually talked about and taught at college. The fact no one found it while looking at it before I bet was because the variables had no meaning and there was no comment explaining what it was doing. Seeing the basic recommendations for writing code actually being broken irl and cause such a huge problem is nerve wrecking.
With this huge mistake, we can learn and improve.
Remember to never connect your accounts with the same password combination for anything and most importantly check your bank's website.
__________________
  
asp.net stole my soul.
|