This is an archive of the mabination.com forums which were active from 2010 to 2018. You can not register, post or otherwise interact with the site other than browsing the content for historical purposes. The content is provided as-is, from the moment of the last backup taken of the database in 2019. Image and video embeds are disabled on purpose and represented textually since most of those links are dead.
-
Froglord of DESTINY!!! wrote on 2014-04-09 19:00
An online bug called "Heartbleed" is affecting a huge chunk of the Internet, which means that a password change is likely in order for hundreds of millions of people.
More than half a million sites are vulnerable that use the security system called OpenSSL, according to Netcraft, and have had to install a new security patch. Before this patch, private data on websites such as Yahoo, Google and Tumblr could have been vulnerable to hackers, experts said. This bug was discovered by a team of security engineers at tech company Codenomicon and Neel Mehta of Google Security.
Joost Bijl, a product manager with the cybersecurity firm Fox IT, said that affected websites should be letting consumers know that a fix has been installed. But, so far it does not appear that any major website besides Tumblr has reached out to consumers.
Here's what you should know about "Heartbleed" and some ways to protect yourself:
http://abcnews.go.com/Business/heartbleed-online-bug/story?id=23256168
Not sure if FUD or real.
-
Osayidan wrote on 2014-04-09 22:23
So much misinformation about this it's pissing me off.
It is not a virus or bug, it's an exploit in OpenSSL versions 1.0.1 to 1.0.1f. Look up CVE-2014-0160.
For the average person that pretty much means "https" secured websites, but not all of them. Only if they use those versions of OpenSSL, and if the heartbeat function is enabled (which it usually is unless you compiled it differently). That's where it gets the name heartbleed.
What the exploit does is allow a hacker to steal increments of 64K of what is in the server's RAM, which can include passwords, credit cards, or even the certificate keys that allow https, which means they would be able to decrypt https traffic from that website.
Google is not affected since they use perfect forward secrecy.
For the average interwebs user, there's nothing for you to do except change your passwords on websites that use https if you feel it's important enough, or if the website notifies you to do so. Other than that there isn't anything to do or worry about.
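An added illustration, not part of the post above or of OpenSSL's source: a simplified C model of the heartbeat length check behind CVE-2014-0160, with the unchecked echo beside the checked one. The arena buffer, function names and request bytes are constructed for this example; the 3-byte header and 16-byte minimum padding follow RFC 6520.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_HEADER  3   /* 1 byte type + 2 byte claimed payload length */
#define HB_PADDING 16  /* minimum padding required by RFC 6520 */
#define ARENA_LEN  64  /* constructed stand-in for server memory */

/* Build a request in mem: header, short payload, padding, then unrelated data.
   Returns the length of the record actually received. */
size_t build_arena(uint8_t *mem, uint16_t claimed, const char *payload)
{
    size_t plen = strlen(payload), rec_len = HB_HEADER + plen + HB_PADDING;
    memset(mem, 'S', ARENA_LEN);            /* 'S' = other data held in RAM */
    mem[0] = 1;                             /* heartbeat_request */
    mem[1] = (uint8_t)(claimed >> 8);
    mem[2] = (uint8_t)(claimed & 0xff);
    memcpy(mem + HB_HEADER, payload, plen);
    memset(mem + HB_HEADER + plen, 0, HB_PADDING);
    return rec_len;
}

/* Before the patch: echo as many bytes as the peer claims to have sent. */
size_t echo_unchecked(const uint8_t *mem, size_t rec_len, uint8_t *out)
{
    size_t claimed = ((size_t)mem[1] << 8) | mem[2];
    (void)rec_len;                          /* never consulted: the defect */
    if (claimed > ARENA_LEN - HB_HEADER) claimed = ARENA_LEN - HB_HEADER; /* model only */
    memcpy(out, mem + HB_HEADER, claimed);
    return claimed;
}

/* After the patch: discard a request whose claimed length does not fit
   inside the record that was actually received. */
size_t echo_checked(const uint8_t *mem, size_t rec_len, uint8_t *out)
{
    if (rec_len < HB_HEADER + HB_PADDING) return 0;
    size_t claimed = ((size_t)mem[1] << 8) | mem[2];
    if (HB_HEADER + claimed + HB_PADDING > rec_len) return 0;
    memcpy(out, mem + HB_HEADER, claimed);
    return claimed;
}

int main(void)
{
    uint8_t mem[ARENA_LEN], out[ARENA_LEN];
    size_t rec = build_arena(mem, 40, "ping");   /* 4 real bytes, 40 claimed */
    printf("unchecked echoed %zu, checked echoed %zu\n", echo_unchecked(mem, rec, out), echo_checked(mem, rec, out));
    return 0;
}
```

With a 2-byte length field the claimed size tops out at 65535, which is where the "64K" per request comes from.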
-
Froglord of DESTINY!!! wrote on 2014-04-09 23:36
This is what you get when you have cold-war gen newscasters talk about the internet.
-
Yoorah wrote on 2014-04-10 02:15
Except what they said in the news is technically accurate! Them using the term "bug" instead of "exploit" is inconsequential. It's a pretty big deal due to the sheer number of users affected AND the fact that this bug in OpenSSL has been around for a long time before this announcement, leaving you to wonder how much it could have been exploited until now. All while OpenSSL is supposed to be a technology that enhances security.
For companies affected by this, it's also a big deal as they have to deploy the fix, issue new certs and identify what data could have been compromised (and the nature of this bug makes it hard to do so).
-
Osayidan wrote on 2014-04-10 02:21
It is a big deal.
What's pissing me off is non-technical journalists reading things they don't understand and then passing this off as a virus, or something that's on the user end of things. Getting people in a panic over something they should just stay calm about and educate themselves on what they need to do, if anything.
The non-IT media is making this out to be everyone on the planet having their bank accounts hacked and credit cards stolen.
-
Yoorah wrote on 2014-04-10 03:30
Ah, well... most of what you read in mainstream, generalist media publications is BS. It's just that when they write about politics, finances, or other topics... you might not know the difference, unlike with IT topics. :( I've set the bar low for most of em, so I don't care. I haven't really seen one that said user PCs have viruses as a result of this, though telling people that their banking accounts could be vulnerable isn't a bad idea... there's a chance it could well be true.
-
Splatulated wrote on 2014-04-10 04:13
so do need change passwords or no D: ?
sooo the affected site list
Testing nexon.com... no SSL.
isn't it nexon.net ?
-
Snowie Stormflower wrote on 2014-04-10 13:45
Quote from Splatulated;1213966:
isn't it nexon.net ?
nexon.net = Nexon NA
nexon.com = Nexon KR
Both are possible.