HeartBleed and F-Secure Key

NikK Posts: 903 Forum Champion

F-Secure has made huge changes in the product page for Key, with a big picture and information about HeartBleed including:


"F-Secure Key users data is protected despite of the Heartbleed vulnerability. With Key, your passwords are safe.


I think that is misleading information. If you log in to a vulnerable web site using Key, then those credentials are not safe.




  • Ukko
    Ukko Posts: 3,611 Superuser

    It's, of course, marketing and related points, but:


     - F-Secure Key and users data is protected despite of the Heartbleed vulnerability:


    Just because - servers already are fixed; Another kind of "vulnerable" sides - close to "hard realization"; And it's mean - F-Secure Key (and related with that - users data, which locally stored... and have connection with Key-cloud for sync) without any vulnerability about current story.

    Vulnerable there - webpags/websites, which have vulnerability and not fix that yet. Administators of current websites/webpages must to fix that - and F-Secure Key not related with that actions.



     - Another part "With Key, your passwords are safe":


    Close to true too. In situation, when it's meaning : some password-managers can to use any plugins/addons or web-service like storage or something like that. All of that - can be vulnerable more.... and can be leaked during that story (which not possible with F-Secure Key design);


    But again..... marketing...marketing.


    Like addition (but it's break any "perfomance") here must be: "But with "vulnerable web-sites" - your passwords/credentials can be compromised". And for return "perfomance" - "Be careful..."  ...... and for "return marketing perfomance" - "...with the choice"


    Currently.... most strange place in page with that information - it's check-feature about "who are in dangerous" - which in fact not really helpful with current realization.

This discussion has been closed.