Heartbleed bug

[pinksheep]

Just was reading about the Heartbleed bug. Can anyone tell me if sites like bitcoinpaperwallet & bitaddress were affected by this bug? I made my paper wallets on bitcoinpaperwallet using a tablet which was only ever connected to the internet long enough to save the page for offline usage & which will never be online again. Could the security of my paper wallets have been affected in any way?

[byt411]

No, no and no.
To check if a site is vulnerable, use this: http://filippo.io/Heartbleed/

[jdun]

You're taking a risk storing coins online. Websites come and go frequently. Exchanges come and go. I've lost coins when exchanges have been hacked or taken offline. I wouldn't trust any paperwallet site to keep my coins for any length of time. You're always better off keeping your coins on your computer. Even with a strong exchange like bitstamp or coinbase, I trust my computer more. If Mt.Gox could fold, then any of the exchanges could fold and you could lose it all.

[jparsley]

I think those sites are safe as yous browser dosent send info back to the site.

[Equate]

The data you send over the browser is not in encrypted form even though you browse SSL site.Your information is comprised.

[Dare]

Just was reading about the Heartbleed bug. Can anyone tell me if sites like bitcoinpaperwallet & bitaddress were affected by this bug? I made my paper wallets on bitcoinpaperwallet using a tablet which was only ever connected to the internet long enough to save the page for offline usage & which will never be online again. Could the security of my paper wallets have been affected in any way?

While the websites themselves may have been affected, your paper wallets are safe. Heartbleed allows attackers to peek into protected system memory by sending a malformed TLS heartbeat packet, which will only work if the target device is connected to the internet. As you generated your wallets offline, the only way this could have affected you is if bitaddress was hacked and set to use a faulty random number generator before you downloaded the page, and this highly unlikely and would almost definitely have been noticed and publicized by others shortly after the hack. Even a faulty RNG would still probably provide some security, albeit far less than a working one.

TL;DR: Your paper wallets are safe.

[pinksheep]

Well, I'm not much the wiser byt411 & Dare say my paper wallets are safe & Equate says my details are compromised, not sure who to believe.

[Equate]

Well, I'm not much the wiser byt411 & Dare say my paper wallets are safe & Equate says my details are compromised, not sure who to believe.

its not compromised  , but it could have been possible if that bug was exploited . Better change your passwords on sites using ssl.

[byt411]

Well, I'm not much the wiser byt411 & Dare say my paper wallets are safe & Equate says my details are compromised, not sure who to believe.

Read below.

The data you send over the browser is not in encrypted form even though you browse SSL site.Your information is comprised.

You clearly have no idea what you are talking about, since you don't understand what "saved the page for offline usage" means. As dare said, the wallets were generated offline, and Heartbleed can only be exploited if something is online.

You're taking a risk storing coins online. Websites come and go frequently. Exchanges come and go. I've lost coins when exchanges have been hacked or taken offline. I wouldn't trust any paperwallet site to keep my coins for any length of time. You're always better off keeping your coins on your computer. Even with a strong exchange like bitstamp or coinbase, I trust my computer more. If Mt.Gox could fold, then any of the exchanges could fold and you could lose it all.

Please read what OP wrote before writing useless comments. His wallets and coins are not online in any shape or form.

[cookmac]

So basically get a paper wallet.

[byt411]

So basically get a paper wallet.

Have you finished your sentence? So basically get a paper wallet for sercurity? For safekeeping? ?