HeartBleed and F-Secure Key

Advocate

HeartBleed and F-Secure Key

F-Secure has made huge changes in the product page for Key, with a big picture and information about HeartBleed including:

 

"F-Secure Key users data is protected despite of the Heartbleed vulnerability. With Key, your passwords are safe.

 

I think that is misleading information. If you log in to a vulnerable web site using Key, then those credentials are not safe.

 

 

1 REPLY 1
Superuser

Re: HeartBleed and F-Secure Key

It's, of course, marketing and related points, but:

 

 - F-Secure Key and users data is protected despite of the Heartbleed vulnerability:

 

Just because - servers already are fixed; Another kind of "vulnerable" sides - close to "hard realization"; And it's mean - F-Secure Key (and related with that - users data, which locally stored... and have connection with Key-cloud for sync) without any vulnerability about current story.

Vulnerable there - webpags/websites, which have vulnerability and not fix that yet. Administators of current websites/webpages must to fix that - and F-Secure Key not related with that actions.

 

 

 - Another part "With Key, your passwords are safe":

 

Close to true too. In situation, when it's meaning : some password-managers can to use any plugins/addons or web-service like storage or something like that. All of that - can be vulnerable more.... and can be leaked during that story (which not possible with F-Secure Key design);

 

But again..... marketing...marketing.

 

Like addition (but it's break any "perfomance") here must be: "But with "vulnerable web-sites" - your passwords/credentials can be compromised". And for return "perfomance" - "Be careful..."  ...... and for "return marketing perfomance" - "...with the choice"

 

Currently.... most strange place in page with that information - it's check-feature about "who are in dangerous" - which in fact not really helpful with current realization.