Flechmen 0 Report post Posted April 11, 2014 There has been a huge security hole discovered, and it's being said that it's the biggest security hole ever on the internet. In a nutshell, an attacker can get your usernames, passwords, etc. very easilly from various websites. You can read more about it here: http://heartbleed.com/ Amazon, Google, Facebook, etc. will probably post large banners and send you emails telling you to change your passwords when they fix their stuff. Keep an eye out for these! CF and associated sites and services are not vulnerable. We are using the most up to date release of OpenSSL and GNUTLS. You can see if your favorite websites are vulnerable here: https://lastpass.com/heartbleed/ Please keep an eye on your financual records and change your passwords when you're given the OK to do so. If you run a Mac or Linux computer, make sure you have all of your updates installed. (Windows uses Microsoft's implementation of SSL, which is in no way related to OpenSSL.) Stay safe guys! Share this post Link to post Share on other sites
James SilverWolf† 1 Report post Posted April 11, 2014 Appreciate the heads up Adair, (although I actually don't believe this vuln. exists , as I haven't seen hard evidence as yet, how can we independently verify that it does actually exist?) I've actually heard that this exploit is over 3 years old, I wonder at why it took them so long to bother trying to repair it? o.0 Share this post Link to post Share on other sites
Lu-Man† 0 Report post Posted April 11, 2014 I hadn't heard of this. Thanks for the update. Share this post Link to post Share on other sites
Flechmen 0 Report post Posted April 11, 2014 Appreciate the heads up Adair, (although I actually don't believe this vuln. exists , as I haven't seen hard evidence as yet, how can we independently verify that it does actually exist?) I've actually heard that this exploit is over 3 years old, I wonder at why it took them so long to bother trying to repair it? o.0 OpenSSL and 3rd party security firms have been tracking down where the bug is, how to fix it, and so on. Share this post Link to post Share on other sites
Wolfheart1002† 0 Report post Posted April 12, 2014 So.... I guess I shouldn't give out all my bank info online? I guess I better ask for a retraction of that thread I put on Reddit. Share this post Link to post Share on other sites
Hybrilynx† 0 Report post Posted April 19, 2014 I got a Norton email about this. GNUTLS sounds funny too :3 Share this post Link to post Share on other sites
Flechmen 0 Report post Posted April 19, 2014 It almost sounds like "noodles" if you try to pronounce it. Share this post Link to post Share on other sites
Lu-Man† 0 Report post Posted April 20, 2014 I prefer the term noodles to heart bleed now. You just started a trend! Share this post Link to post Share on other sites
