HeartBleed and F-Secure Key

F-Secure has made huge changes in the product page for Key, with a big picture and information about HeartBleed including:

 

"F-Secure Key users data is protected despite of the Heartbleed vulnerability. With Key, your passwords are safe.

 

I think that is misleading information. If you log in to a vulnerable web site using Key, then those credentials are not safe.

 

 

Comments

  • UkkoUkko Posts: 2,992 Superuser

    It's, of course, marketing and related points, but:

     

     - F-Secure Key and users data is protected despite of the Heartbleed vulnerability:

     

    Just because - servers already are fixed; Another kind of "vulnerable" sides - close to "hard realization"; And it's mean - F-Secure Key (and related with that - users data, which locally stored... and have connection with Key-cloud for sync) without any vulnerability about current story.

    Vulnerable there - webpags/websites, which have vulnerability and not fix that yet. Administators of current websites/webpages must to fix that - and F-Secure Key not related with that actions.

     

     

     - Another part "With Key, your passwords are safe":

     

    Close to true too. In situation, when it's meaning : some password-managers can to use any plugins/addons or web-service like storage or something like that. All of that - can be vulnerable more.... and can be leaked during that story (which not possible with F-Secure Key design);

     

    But again..... marketing...marketing.

     

    Like addition (but it's break any "perfomance") here must be: "But with "vulnerable web-sites" - your passwords/credentials can be compromised". And for return "perfomance" - "Be careful..."  ...... and for "return marketing perfomance" - "...with the choice"

     

    Currently.... most strange place in page with that information - it's check-feature about "who are in dangerous" - which in fact not really helpful with current realization.

This discussion has been closed.