JavaScript is required to use Bungie.net

OffTopic

Surf a Flood of random discussion.
Edited by DELIVER ME MEMES: 4/9/2014 11:44:22 PM
9

New "devastating" internet security bug

https://www.yahoo.com/tech/heres-what-you-need-to-know-about-the-heartbleed-bug-82120054478.html TL;DR: OpenSSL software has massive hole in it for 2 years, but has just been detected recently. [quote]Websites that are currently vulnerable to Heartbleed exploits include Yahoo, Comixology, Flickr, Imgur and OculusVR. Many other top sites — including Facebook, Google, Wikipedia, Amazon, Twitter, Apple and Microsoft — are not currently vulnerable, though some may have been in the past.[/quote] what do you think of this? this affects most sites throughout the internet including banks, etc. and to clarify Yahoo's main site is g2g, services like mail are not http://www.forbes.com/sites/jameslyne/2014/04/08/heartbeat-heartbleed-bug-breaks-worldwide-internet-security-again-and-yahoo/ http://www.bostonglobe.com/business/2014/04/09/heartbleed-scare-bad-sounds/4KGq7KIffclo5Y4Eo80YTJ/story.html update: forbes and boston globe link added

Posting in language:

 

Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

View Entire Topic
  • Edited by dazarobbo: 4/10/2014 6:17:16 AM
    I know it's going to seem counter-intuitive, but the one thing you probably [i]shouldn't[/i] do right now is change your passwords for any of the affected sites you use. You should wait until you have confirmation from the affected site(s) that they have been updated and are safe to use. [i]Then[/i], change your password. If you use any of the sites listed as vulnerable with SSL/TLS (https), but don't use anything particularly important (ie. anything that requires you to sign in or makes use of cookies for personalised interaction), feel free to keep using the sites. You won't be at any less risk than before. The same for any sites you use without SSL (ie. http only). Edit: also, bungie.net won't be affected since it uses IIS which, AFAIK, uses a proprietary implementation of SSL.

    Posting in language:

     

    Play nice. Take a minute to review our Code of Conduct before submitting your post. Cancel Edit Create Fireteam Post

    3 Replies
    You are not allowed to view this content.
    ;
    preload icon
    preload icon
    preload icon