1 Solution
Correct answers
Were Verizon's servers affected by the Heartbleed bug? And if so, were they fixed?
Solved! Go to Correct Answer
Hello - thanks for your concern. To date, Verizon Wireless's review of it's external websites found no evidence of any compromise. Please see Verizon Wireless's official statement below:
Verizon Wireless is aware of the OpenSSL security vulnerability referred to as ‘Heartbleed.’ The long period of industry-wide exposure to the Heartbleed problem is unusual, but in our review to date of Verizon Wireless’ external websites, we have found no evidence of any compromise. Our investigation is ongoing, and we continue to work with our vendors as they complete their own assessments. We will respond to the results accordingly.
As always, we advise our customers to follow good online security practices, including choosing unique passwords and changing them periodically.
We are also working with our device manufacturers to test and deploy patches to any affected wireless devices on our network running Android 4.1.1. Our device manufacturers have confirmed that other wireless device operating systems are not affected. We encourage our customers to check for and accept system updates on their wireless devices. Customers who have rooted their wireless device or installed modified software should reset the device to factory settings and then check for and accept system updates. Customers can visit our website for information about the latest software updates. (http://www.verizonwireless.com/support/information/software_updates.html?lid=sayt&sayt=software%20up...) Customers who have downloaded applications from third parties should contact the application provider for security information.
Hello - thanks for your concern. To date, Verizon Wireless's review of it's external websites found no evidence of any compromise. Please see Verizon Wireless's official statement below:
Verizon Wireless is aware of the OpenSSL security vulnerability referred to as ‘Heartbleed.’ The long period of industry-wide exposure to the Heartbleed problem is unusual, but in our review to date of Verizon Wireless’ external websites, we have found no evidence of any compromise. Our investigation is ongoing, and we continue to work with our vendors as they complete their own assessments. We will respond to the results accordingly.
As always, we advise our customers to follow good online security practices, including choosing unique passwords and changing them periodically.
We are also working with our device manufacturers to test and deploy patches to any affected wireless devices on our network running Android 4.1.1. Our device manufacturers have confirmed that other wireless device operating systems are not affected. We encourage our customers to check for and accept system updates on their wireless devices. Customers who have rooted their wireless device or installed modified software should reset the device to factory settings and then check for and accept system updates. Customers can visit our website for information about the latest software updates. (http://www.verizonwireless.com/support/information/software_updates.html?lid=sayt&sayt=software%20up...) Customers who have downloaded applications from third parties should contact the application provider for security information.
You see, Verizon? This is why the carriers need to get out of the OS-controlling business, especially for Android, and go to Apple's model for OS updates (i.e., let the software maker give the latest updates to consumers directly and timely). By carriers' being slow to update the phones -- and we all know the REAL reason for this, it's to get consumers to just buy new phones -- hackers take advantage of this and take advantage of the vulnerabilities they discover in each OS. You say 4.1.1? I'm on 4.1.2 on a Motorola Droid Razr M and McAfee's Heartbleed Detector app still says I'm vulnerable to attack. Where's my update? These updates should be happening NOW to protect us.
Start a new topic or ask questions in the open forum.
