Storing Cookies (See : http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm ) help us to bring you our services at overunity.com . If you use this website and our services you declare yourself okay with using cookies .More Infos here:
https://overunity.com/5553/privacy-policy/
If you do not agree with storing cookies, please LEAVE this website now. From the 25th of May 2018, every existing user has to accept the GDPR agreement at first login. If a user is unwilling to accept the GDPR, he should email us and request to erase his account. Many thanks for your understanding

User Menu

Custom Search
« previous next »
Pages: [1]   Go Down

Author Topic: Heartbleed bug - affects majority of Internet secure sites - MUST READ  (Read 3214 times)

e2matrix

  • Hero Member
  • *****
  • Posts: 1956
Heartbleed bug - affects majority of Internet secure sites - MUST READ
« on: April 09, 2014, 07:30:54 PM »
In case you don't read major news sites a lot you don't want to miss info on this as it is a HUGE security hole in the majority of secure web sites.   That means your local bank, sites like eBay, retail sites and others you have credit cards or personal info on etc. may be completely wide open to hackers until this gets fixed.   After it is fixed and ONLY after it is fixed you need to change your passwords on those sites.   Some major sites like eBay already have fixed this but it is estimated 66% of some 959 Million servers may have this bug in the SSL/TLS secure code.   IMO this may be one of the worst security problems ever facing the Internet.   Read the articles on it.  One of the problems is it may take years for it to be totally fixed due to the system involving security certificates which need to be dumped and new ones issued.


Best thing you can do is contact smaller businesses that have secure sites to make sure they are aware of this.   The one web site mentioned in news articles that is said to be able to check a secure site for this bug is essentially useless at this time - probably due to extreme overload from people trying to use it now.   Spread the word....
Logged

dtard

  • Newbie
  • *
  • Posts: 6
Re: Heartbleed bug - affects majority of Internet secure sites - MUST READ
« Reply #1 on: April 10, 2014, 10:24:41 AM »
With out victims I don't see a problem other than the government wants more control. So This is the story so far a bug/virus has infected 80% of all sites nobody knows it's there they don't know how to find it has all the encryption keys but their gona fix it could take time hurry change your passwords now really give me a break. When bill gates files a police report that 80% of his money is missing then I will listen.
Logged

Tseak

  • Newbie
  • *
  • Posts: 42
Re: Heartbleed bug - affects majority of Internet secure sites - MUST READ
« Reply #2 on: April 10, 2014, 11:19:25 AM »
This is a programming bug in the OPENSSL libraries. It only affects the servers using OPENSSL, which unfortunately is a very large number. The fix is available already but the first problem is implementing it quickly. The second more serious problem is that no one knows what data may or may not have been compromised - probably not that much as the data acquired is random in nature. This bug allows the attacker to download 64k chunks of the server's memory. That may or may not be useful to the attacker - lucky draw. But he can repeat the attack as often as he likes, its not easily detectable. The practical solution for the man in the street is to stay off the secure sites for a few days (unless you know that they do not run this particular software) to allow for the fix to be implemented then change all your passwords.

http://mybroadband.co.za/news/security/100358-internet-users-cant-thwart-heartbleed-bug.html
Logged
Pages: [1]   Go Up
« previous next »