Looks like a nasty one.
http://www.theepochtimes.com/n3/609175- ... s-at-risk/
the rum soaked fist: internal martial arts forum
dedicated to the discussion of the chinese internal martial arts of xingyiquan, baguazhang, taijiquan, related arts, and anything else best discussed over a bottle of rum
Heartbleed Bug
10 posts • Page 1 of 1
Re: Heartbleed Bug
by klonk on Tue Apr 08, 2014 9:20 pm
If a hack is public knowledge, your online vendors are already on top of it. Not to worry.
It's always the next artillery barrage that worries me. (That self-stultifying bon mot is courtesy of my grandfather.)
BTW, Yahoo required me to change my password and answer all my secret questions before they would let me get my email. So yeah, they got hit.
It's always the next artillery barrage that worries me. (That self-stultifying bon mot is courtesy of my grandfather.)
BTW, Yahoo required me to change my password and answer all my secret questions before they would let me get my email. So yeah, they got hit.
I define internal martial art as unusual muscle recruitment and leave it at that. If my definition is incomplete, at least it is correct so far as it goes.
-
klonk - Great Old One
- Posts: 6776
- Joined: Tue May 13, 2008 11:46 am
Re: Heartbleed Bug
by Interloper on Wed Apr 09, 2014 8:20 am
Looks like this one has been around for two years, which is plenty of time for many people's passwords to have been stolen. Yahoo just discovered it and made patches yesterday.
Pariah without peer
-
Interloper - Great Old One
- Posts: 4816
- Joined: Tue May 13, 2008 5:35 pm
- Location: USA
Re: Heartbleed Bug
by Dmitri on Wed Apr 09, 2014 10:56 am
WE'RE ALL GONNA DIIIIEEEEEEE!!!!!1!!!!¡!!!!!!!
-
Dmitri - Great Old One
- Posts: 9741
- Joined: Fri May 02, 2008 1:04 pm
- Location: Atlanta, GA (USA)
Re: Heartbleed Bug
by chud on Wed Apr 09, 2014 11:12 am
Yep, Heartbleed is the reason I am non-stop busy at work today.
Obligatory xkcd cartoon: http://xkcd.com/1353/
Obligatory xkcd cartoon: http://xkcd.com/1353/
Last edited by chud on Wed Apr 09, 2014 12:19 pm, edited 1 time in total.
-
chud - Great Old One
- Posts: 3546
- Joined: Fri May 16, 2008 7:42 am
- Location: Alamo City, Lone Star State
Re: Heartbleed Bug
by Steve James on Thu Apr 10, 2014 12:52 pm
Github user Mustafa Al-Bassam performed a mass scan for vulnerable sites at 16:00 UTC (noon eastern time) on April 8th. It features over 10,000 websites, and he found that 627 of them were vulnerable to the bug. Yahoo sites (including email and Tumblr) were vulnerable, as was the popular dating site OkCupid.
https://github.com/musalbas/heartbleed- ... 1384201823
"A man is rich when he has time and freewill. How he chooses to invest both will determine the return on his investment."
-
Steve James - Great Old One
- Posts: 21197
- Joined: Tue May 13, 2008 8:20 am
Re: Heartbleed Bug
by HaraldH on Mon Apr 14, 2014 11:07 am
Amazing - hundreds of Ph.D. or master students should be looking at the code but probably people thought 'no, there is already too many looking at it' 
Also, keeping private keys and passwords in the same memory space as some easy to neglect heartbeat code ... the whole CPU and memory architecture is just too unsafe
Also, keeping private keys and passwords in the same memory space as some easy to neglect heartbeat code ... the whole CPU and memory architecture is just too unsafe
-
HaraldH - Anjing
- Posts: 151
- Joined: Sun Mar 14, 2010 2:40 am
Re: Heartbleed Bug
by chud on Mon Apr 14, 2014 12:04 pm
Yep. Theo from the OpenBSD project laid the smackdown on the OpenSSL team: http://article.gmane.org/gmane.os.openbsd.misc/211963
Last edited by chud on Mon Apr 14, 2014 12:04 pm, edited 1 time in total.
-
chud - Great Old One
- Posts: 3546
- Joined: Fri May 16, 2008 7:42 am
- Location: Alamo City, Lone Star State
10 posts • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 23 guests