The Glade 4.0

"Turn the lights down, the party just got wilder."
It is currently Sun Nov 24, 2024 2:57 am

All times are UTC - 6 hours [ DST ]




Post new topic Reply to topic  [ 6 posts ] 
Author Message
PostPosted: Fri Apr 11, 2014 1:17 pm 
Offline
God of the IRC
User avatar

Joined: Wed Sep 02, 2009 7:35 pm
Posts: 3041
Location: The United States of DESU
What is it?
Heartbleed is a vulnerability in recent (2012-2014) versions of the OpenSSL library that allows malicious attackers to steal data from webservers. See this XKCD comic for details:
Spoiler:
Image



Is the Glade affected?
No. If the website doesn't use https, then it's not affected. If the website doesn't use OpenSSL, it's not affected. If the version of OpenSSL is before early 2012, it's not affected.

What should I do if I think I'm compromised?
If a website does have a vulnerable version of OpenSSL, hopefully they've updated their software by now to a fixed version. If so, changing your password is your best course of action. If they haven't, don't go to the website until they do.


That's all I got for now. I'm sure others can add more info and discourse.

_________________
Image


Top
 Profile  
Reply with quote  
PostPosted: Fri Apr 11, 2014 1:30 pm 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Don't change your password for a particular website until that website has said that they've patched the exploit. Otherwise you'll just have to change it again afterwards.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Apr 11, 2014 3:00 pm 
Offline
Rihannsu Commander

Joined: Thu Sep 03, 2009 9:31 am
Posts: 4709
Location: Cincinnati OH
More than that, if you use the same password/login for a number of sites, and you change them all when even one is still pre-patch, you risk exposing that username/password combo, compromising all sites. Only change the passwords for sites known to be unaffected (If it shared a username/password with other sites that were) or sites that are now patched.



https://lastpass.com/heartbleed/

Does some checking -- if anyone knows a better check site, pass it on. I believe Chrome has an extension published somewhere that will warn you if you're at a heartbleed vulnerable site, as well.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Apr 11, 2014 6:48 pm 
Offline
I got nothin.
User avatar

Joined: Thu Sep 03, 2009 7:15 pm
Posts: 11160
Location: Arafys, AKA El Müso Guapo!
Image

_________________
Image
Holy shitsnacks!


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Apr 12, 2014 8:22 am 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
You mean the thing Mookhow posted in the spoiler of the OP, Müs?

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon Apr 14, 2014 1:56 pm 
Offline
I got nothin.
User avatar

Joined: Thu Sep 03, 2009 7:15 pm
Posts: 11160
Location: Arafys, AKA El Müso Guapo!
Shush you. :p

_________________
Image
Holy shitsnacks!


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

All times are UTC - 6 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 172 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group