Heartbleed
Posted: Wed Apr 09, 2014 3:51 pm
Is the forum affected by it? Also I just learned that you might want to change your minecraft password.
Page 1 of 2
Re: Heartbleed
Posted: Wed Apr 09, 2014 4:05 pm
I should probably do that.
Re: Heartbleed
Posted: Wed Apr 09, 2014 4:56 pm
No, the forum is safe from SSL exploits - it doesn't even use SSL.
Re: Heartbleed
Posted: Wed Apr 09, 2014 5:03 pm
SSL*
SSH is something else entirely :P
And yes, it is affected. Apache uses OpenSSL, which is where the vulnerability lies. You'll want to update it when a patched version is out.
SSH is something else entirely :P
And yes, it is affected. Apache uses OpenSSL, which is where the vulnerability lies. You'll want to update it when a patched version is out.
Re: Heartbleed
Posted: Wed Apr 09, 2014 5:58 pm
Sorry, I had just woken up from a nap.Tiel wrote:SSL*
SSH is something else entirely :P
And as far as I know, none of the website - even the login page - is actually secured in any meaningful way. I'll update everything, though, just because I should.
Re: Heartbleed
Posted: Fri Apr 11, 2014 5:10 pm
According to a random persons blog I saw earlier heart bleed works by dumping the servers recent memory to the hacker, so reasonably speaking changing your password would have higher chance of giving it to the hacker.
Il preper the laz0rs for when you all start advertising Canadian despots
Il preper the laz0rs for when you all start advertising Canadian despots
Re: Heartbleed
Posted: Fri Apr 11, 2014 5:13 pm
Except if you're changing it on services that got the security update that fixes Heartbleed.Shadowcat wrote:According to a random persons blog I saw earlier heart bleed works by dumping the servers recent memory to the hacker, so reasonably speaking changing your password would have higher chance of giving it to the hacker.
Re: Heartbleed
Posted: Fri Apr 11, 2014 5:17 pm
But how do you know it got updated? What if the service itself was hacked? What if the update is really a fake update that's a hack that steals your DNA so they can clone you an steal your identity.Ivan2006 wrote:Except if you're changing it on services that got the security update that fixes Heartbleed.Shadowcat wrote:According to a random persons blog I saw earlier heart bleed works by dumping the servers recent memory to the hacker, so reasonably speaking changing your password would have higher chance of giving it to the hacker.
Never trust a machine! The robot uprising is happening! Except for you proto your cool.
Re: Heartbleed
Posted: Sat Apr 12, 2014 3:36 am
Proto is not a robot. He has been confirmed to be a motorcycle.Shadowcat wrote:But how do you know it got updated? What if the service itself was hacked? What if the update is really a fake update that's a hack that steals your DNA so they can clone you an steal your identity.Ivan2006 wrote:Except if you're changing it on services that got the security update that fixes Heartbleed.Shadowcat wrote:According to a random persons blog I saw earlier heart bleed works by dumping the servers recent memory to the hacker, so reasonably speaking changing your password would have higher chance of giving it to the hacker.
Never trust a machine! The robot uprising is happening! Except for you proto your cool.
Re: Heartbleed
Posted: Sat Apr 12, 2014 6:28 am
Daynel wrote: Proto is not a robot. He has been confirmed to be a motorcycle.
Spoiler:
Re: Heartbleed
Posted: Sat Apr 12, 2014 10:45 am
Spoiler:
Re: Heartbleed
Posted: Sat Apr 12, 2014 11:13 am
Shadowcat wrote:According to a random persons blog I saw earlier heart bleed works by dumping the servers recent memory to the hacker, so reasonably speaking changing your password would have higher chance of giving it to the hacker.
Re: Heartbleed
Posted: Sat Apr 12, 2014 2:32 pm
That was actually pretty informative. Thank you.
Re: Heartbleed
Posted: Sat Apr 12, 2014 2:40 pm
LJS' comic was propably the most informative description of Heartbleed I ever got.
Re: Heartbleed
Posted: Sat Apr 12, 2014 2:44 pm
XKCD, for the win.