Heartbleed

Protagonist · Postby **Protagonist** » Thu 10 Apr, 2014 4:26 am

I am not really good with code and comptuer security. So I have to ask, is this site effected by the whole heartbleed vulnerability? What about Gamesreplays? Steam? Does anyone know?

For context, this is heartbleed:
http://www.washingtonpost.com/news/morn ... -internet/

Lulgrim · Postby **Lulgrim** » Thu 10 Apr, 2014 5:07 am

I understand fuck all about all that tbh. But as for Steam, http://www.incgamers.com/2014/04/heartb ... -say-valve

Uncle Milty · Postby **Uncle Milty** » Thu 10 Apr, 2014 4:13 pm

only OpenSSL. OpenSSL provides a open source SSL version basically which is used for https. No https on this site afaik. User login should be using hash functions on the php authentication framework that doesn't transmit your login data plaintext-ly.

Nuclear Arbitor · Postby **Nuclear Arbitor** » Thu 10 Apr, 2014 8:04 pm

some of the newest versions of OpenSSL, 1.0.1 and 1.0.2, released in 2012, have some problems that enable 64kb of memory to be retrieved.

wikipedia has a decent overview of it.

Lulgrim · Postby **Lulgrim** » Fri 11 Apr, 2014 7:19 pm

http://www.xkcd.com/1354/

BaptismByLoli · Postby **BaptismByLoli** » Fri 11 Apr, 2014 7:28 pm

So basically, Heartbleed causes the server to go HAL 9000 and start spilling information about everything?

Uncle Milty · Postby **Uncle Milty** » Fri 11 Apr, 2014 8:44 pm

yes, as long as the SSL connection needs to be kept alive. Got fixed on newer versions tho and not all old versions were affected. really stupid bug

Heartbleed

Heartbleed

Re: Heartbleed

Re: Heartbleed

Re: Heartbleed

Re: Heartbleed

Re: Heartbleed

Re: Heartbleed

Who is online