Heartbleed Bug - This doesn't look good

I'm glad that I don't actually use the SSL on my site for anything important at the moment.
 
Galdorf said:
Over 500 million websites are effected the NSA has been using this bug to snoop on people.
Click to expand...

Bubbajoe said:
^^^^Pure speculation....
Click to expand...

Yep. Because for the NSA to have done that requires two events. One that they have been recording encrypted web traffic (which is a given as they have admitted as much) AND that they have used this exploit to attack servers and retrieve the private SSL keys. That is unlikely unless you think that NSA was aware of this exploit before it was discovered Monday. Possible but I doubt it. And there is some dispute about IF a Private key CAN be retrieved in this way. Without the private keys what they have recorded is not going to be accessible.
 
what is even scarier is the CRA the equiv of IRS was using OpenSSL all sites are now closed and they are fixing atm that means no EFiling taxes.
 
ChCHVna.jpg
 
Well, Hostgator just patched my VPS. Took me out of commission for 1/2 during the busiest time of the day, but I'm happy it's fixed now.
 
Galdorf said:
NSA Exploited Heartbleed For Years
Click to expand...

I grow purple grass in my greenhouse that has the same effect as Viagra!

It is true, because I just said it. I don't need to provide proof, it is true, because I just said it. I don't need sources, it is true, because I just said it.

That link is a joke, and completely made up, just like my first sentence was. It has the same amount of logic and proof in it as my second through fourth sentences had.
 
Last edited:
Rocco said:
I grow purple grass in my greenhouse that has the same effect as Viagra! .......
Click to expand...


Wow, stiff opposition

Whether it's true or not is no longer relevant.

The general public has been alerted to this new "problem" and it puts computer techs in a bad light if we can't explain this "flaw" upon being asked .... whilst out on the job
 
bertie40 said:
Wow, stiff opposition

Whether it's true or not is no longer relevant.

The general public has been alerted to this new "problem" and it puts computer techs in a bad light if we can't explain this "flaw" upon being asked .... whilst out on the job
Click to expand...

Yes, learn about Heartbleed. Blog about it's affects. Tell them about how the websites you do business with (ie Carbonite) are safe, and not affected and never were, or if they were, how they are patched now. Recommend finding out if a website was vulnerable, and if it no longer is, changing the password. Know the bug.

However, if I was talking to a customer about the bug, and they tell me that the NSA took advantage of it for the last 2 years, then they showed me that link, or the Bloomberg story attached to it, I would have been hardpressed not to laugh in their face. I won't give any credibility to a story that some guy wrote online, without any basis. And I certainly won't spread the story to my customers.

Now that I know about this sillyness, I may not laugh in their face, so I guess it was good to read on here. I may not. Maybe. But I would have a big laugh as soon as I got in my car.
 
Rocco said:
Yes, learn about Heartbleed. Blog about it's affects. Tell them about how the websites you do business with (ie Carbonite) are safe, and not affected and never were, or if they were, how they are patched now. Recommend finding out if a website was vulnerable, and if it no longer is, changing the password. Know the bug.

However, if I was talking to a customer about the bug, and they tell me that the NSA took advantage of it for the last 2 years, then they showed me that link, or the Bloomberg story attached to it, I would have been hardpressed not to laugh in their face. I won't give any credibility to a story that some guy wrote online, without any basis. And I certainly won't spread the story to my customers.

Now that I know about this sillyness, I may not laugh in their face, so I guess it was good to read on here. I may not. Maybe. But I would have a big laugh as soon as I got in my car.
Click to expand...

How about Edward Snowden would you believe him?
how about Reuters?


New Snowden documents say NSA can break common Internet encryption
 
We patched our Linux hosting servers in 10 minutes and our IIS servers don't have openSSL.

Next bug please......
 
You must log in or register to reply here.

Similar threads

callthatgirl
Chapter Four of my New Outlook Book Up
Replies
0
Views
410
callthatgirl
callthatgirl
Appletax
[REQUEST] Free Version of Outlook Keeps Reinstalling
2
Replies
20
Views
3K
britechguy
britechguy
YeOldeStonecat
Gaming rig...help with client computer with vid card issues.
2
Replies
25
Views
3K
Rosco
Rosco
Appletax
[SOLVED] Intel Rapid Restore Driver Causes BSOD - DRIVER_POWER_STATE_FAILURE
Replies
3
Views
1K
Appletax
Appletax
GTP
Got this missive this morning...
Replies
13
Views
2K
xrobwx71
xrobwx71
Back
Top