Author Topic: openSSL Exploit "Heartbleed"  (Read 5001 times)

Offline Happy Cat

  • *
  • Posts: 3856
  • Total Meseta: 48
openSSL Exploit "Heartbleed"
« on: April 10, 2014, 02:06:38 pm »
If you haven't read / heard about it. One of the leading open source security protocols had a huge flaw discovered in it, and this flaw affects a lot of websites that use SSL. Your SEGAbits account is fine, because we don't use SSL, but most big websites do use SSL, because it's more secure then plain HTTP.

The thing about this exploit is that changing your password won't do any good until the server software is updated that the site runs on. Here is a list of sites where it is safe to change your password, it's highly recommended you do change your password on all the sites it says you should... better to be safe then sorry.

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
« Last Edit: April 10, 2014, 02:10:32 pm by Will »

Offline Deefy

  • *
  • Posts: 378
  • Total Meseta: 6
  • SupporterOfSEGA & F.C.Internazionale
Re: openSSL Exploit "Heartbleed"
« Reply #1 on: April 10, 2014, 07:48:35 pm »
Thanks for the warning Shadi/Will, and also for the link  :)
SEGA STYLE

Offline Happy Cat

  • *
  • Posts: 3856
  • Total Meseta: 48
Re: openSSL Exploit "Heartbleed"
« Reply #2 on: April 11, 2014, 05:00:17 pm »
More info, apparently the NSA has known about this for 2 years and has been using it to their advantage

http://www.theverge.com/2014/4/11/5605444/the-nsa-has-exploited-heartbleed-bug-for-years-bloomberg-reports