[TC] Gaming Forums

http://heartbleed.com/

People at Google found a bug in OpenSSL that can allow an attacker to leak up to 64k of memory from the server. That memory can contain your encrypted traffic along with the SSL certificate and the decryption key. Don't trust any website you visit in the next couple of days before you check it using something like http://filippo.io/Heartbleed/ .

Worst part? This bug has existed for over 2 years, you can actually view the github commit that included the bug here, so theres no way of telling whos abused this bug and where your data has gone.

If you have SSL certificates for your site(s), revoke them, if you're using Linux or MaxOSX, update OpenSSL.

It's in danish news today, and they suggest that we change our passwords on certain popular sites.

I wasn't aware of this before.

OpenSSL is a bit of a mess to be honest. But I guess we still don't have many better options.

Heatbleed apperantly was abused in Nov. 2013 from 2 computers which are part of a botnet to read chatlogs from the Freenode IRC Network.

German source:
http://www.golem.de/news/openssl-bug-spu...05782.html

(2014-04-10 15:09)Michi Wrote: [ -> ].. to read chatlogs from the Freenode IRC Network.

Imagine someone breaks in and reads from our forum!

(2014-04-10 15:23)Chuck Wrote: [ -> ]

(2014-04-10 15:09)Michi Wrote: [ -> ].. to read chatlogs from the Freenode IRC Network.

Imagine someone breaks in and reads from our forum!

Or finds your collection of "gentlemen's literature".

"The passwords you need to change right now"

http://mashable.com/2014/04/09/heartblee...-main-link

(2014-04-10 16:47)Pete Wrote: [ -> ]

(2014-04-10 15:23)Chuck Wrote: [ -> ]

(2014-04-10 15:09)Michi Wrote: [ -> ].. to read chatlogs from the Freenode IRC Network.

Imagine someone breaks in and reads from our forum!

Or finds your collection of "gentlemen's literature".

Imagine the horrors!

If you still have no idea what the Heartbleed bug is about:

Hmm that really clears it up. Thanks Pete!