SEGAbits Forums

Off Topic => Everything Else => Topic started by: Happy Cat on April 10, 2014, 02:06:38 pm

Title: openSSL Exploit "Heartbleed"
Post by: Happy Cat on April 10, 2014, 02:06:38 pm

If you haven't read / heard about it. One of the leading open source security protocols had a huge flaw discovered in it, and this flaw affects a lot of websites that use SSL. Your SEGAbits account is fine, because we don't use SSL, but most big websites do use SSL, because it's more secure then plain HTTP.

The thing about this exploit is that changing your password won't do any good until the server software is updated that the site runs on. Here is a list of sites where it is safe to change your password, it's highly recommended you do change your password on all the sites it says you should... better to be safe then sorry.

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Title: Re: openSSL Exploit "Heartbleed"
Post by: Deefy on April 10, 2014, 07:48:35 pm

Thanks for the warning Shadi/Will, and also for the link  :)

Title: Re: openSSL Exploit "Heartbleed"
Post by: Happy Cat on April 11, 2014, 05:00:17 pm

More info, apparently the NSA has known about this for 2 years and has been using it to their advantage

http://www.theverge.com/2014/4/11/5605444/the-nsa-has-exploited-heartbleed-bug-for-years-bloomberg-reports