Results 1 to 9 of 9
  1. #1
    El Presidente
    podsaurus's Avatar
    Join Date
    Jul 2008
    Location
    in a box
    Age
    23
    Posts
    3,974
    Rep Power
    72
    Points
    25,148 (0 Banked)

    'Heartbleed' password hacking

    Not that I have any super sensitive information on this site but there is an exploit that I heard about on the news today that will force a lot of people to change passwords for websites. I would appreciate it if someone could tell me if PSU has been affected, when a fix will happen and whether I should change my password or not.

    That and in case anyone hasn't heard about it now you know.

    http://www.thewire.com/technology/20...ternet/360366/

    Focus. Control. Conviction. Resolve. A true ace lacks none of these attributes. Nothing can deter you from the task at hand except your own fears. This is your sky.

  2. #2
    PSU Technical Advisor
    Vulgotha's Avatar
    Join Date
    Jan 2007
    Age
    23
    Posts
    15,952
    Rep Power
    143
    Points
    106,578 (0 Banked)
    Achievements IT'S OVER 9000!
    PSU is really the last place people should be concerned about concerning this hack.

    Try financial & academic institutions, ecommerce sites..

    It's possible that PSU is vulnerable, but until they update the OSSL implementation they're using here it won't matter what you do with your password. It can just be stolen again.


  3. #3
    Super Moderator
    Admartian's Avatar
    Join Date
    Nov 2006
    Location
    New Zealand
    PSN ID
    admartian
    Age
    27
    Posts
    12,995
    Rep Power
    128
    Points
    39,758 (0 Banked)
    Items ArsenalVitaUser name styleSteamPS3 Slim
    Achievements IT'S OVER 9000!
    I got this for a service (mapping) called MapBox.

    Thanks to this thread, I've been warned.

    #IndieStation4 and proud of it.

  4. #4
    Supreme Veteran
    keefy's Avatar
    Join Date
    Nov 2007
    Location
    The Sock Gap
    Posts
    17,538
    Rep Power
    126
    Points
    58,118 (0 Banked)
    Items Gran Turismo 5Michelle MarshDoomid SoftwareCommodore 64Metal Gear Solid
    Achievements IT'S OVER 9000!
    Quote Originally Posted by Vulgotha View Post
    PSU is really the last place people should be concerned about concerning this hack.

    Try financial & academic institutions, ecommerce sites..

    It's possible that PSU is vulnerable, but until they update the OSSL implementation they're using here it won't matter what you do with your password. It can just be stolen again.
    True but some idiots use the same for all the sites they use, but they are idiots.

  5. #5
    Administrator
    Brandon's Avatar
    Join Date
    Nov 2004
    Age
    30
    Posts
    12,230
    Rep Power
    126
    Points
    119,629 (18,076 Banked)
    Items Ghost in the ShellTidusLightningBruce LeeAppleUser name style
    Achievements IT'S OVER 9000!
    This isn't a typical hacked password exploit. Changing your password isn't going to do anything until the vulnerable sites in question patch their websites.

    To test to see if a site you frequent is vulnerable, use this tool here: http://filippo.io/Heartbleed/


    PSU is not affected by this, so we have nothing to worry about here.


    Also, Macs and iOS are unaffected by this as well.
    Last edited by Brandon; 04-10-2014 at 04:23.
    "The biggest adversary in our life is ourselves. We are what we are, in a sense, because of the dominating thoughts we allow to gather in our head. All concepts of self-improvement, all actions and paths we take, relate solely to our abstract image of ourselves. Life is limited only by how we really see ourselves and feel about our being. A great deal of pure self-knowledge and inner understanding allows us to lay an all-important foundation for the structure of our life from which we can perceive and take the right avenues.

  6. #6
    Supreme Veteran
    keefy's Avatar
    Join Date
    Nov 2007
    Location
    The Sock Gap
    Posts
    17,538
    Rep Power
    126
    Points
    58,118 (0 Banked)
    Items Gran Turismo 5Michelle MarshDoomid SoftwareCommodore 64Metal Gear Solid
    Achievements IT'S OVER 9000!
    Quote Originally Posted by PBM View Post
    This isn't a typical hacked password exploit. Changing your password isn't going to do anything until the vulnerable sites in question patch their websites.

    To test to see if a site you frequent is vulnerable, use this tool here: http://filippo.io/Heartbleed/


    PSU is not affected by this, so we have nothing to worry about here.


    Also, Macs and iOS are unaffected by this as well.
    Maybe I am wrong but from what I have read this is server side exploit not on the clients computer so doesn't matter their OS.
    Last edited by keefy; 04-10-2014 at 09:40.

  7. #7
    Administrator
    Brandon's Avatar
    Join Date
    Nov 2004
    Age
    30
    Posts
    12,230
    Rep Power
    126
    Points
    119,629 (18,076 Banked)
    Items Ghost in the ShellTidusLightningBruce LeeAppleUser name style
    Achievements IT'S OVER 9000!

    'Heartbleed' password hacking

    Quote Originally Posted by keefy View Post
    Maybe I am wrong but from what I have read this is server side exploit not on the clients computer so doesn't matter their OS.
    I was referring to SSL in operating systems. This is an SSL exploit and yes it is server side. The OS's themselves are not at risk, but the websites people visit are. Companies are patching up their sites quite fast, though. None of the ones I frequent are vulnerable or have been fixed.

    That LastPass site shows different results. The one I linked is showing SteamPowered as not vulnerable or fixed.


    Edit: Yeah, checking around and the LastPass tool is garbage. Literally every website you put into it says it's "probably vulnerable" with no indications as to why. Helpful stuff.

    Edit again: Yep. Please use the one I linked. The LastPass tool is garbage and references the original one I posted. It still shows Imgur as vulnerable based on yesterday's data despite the site being fixed.

    This is very dumb and not reassuring. -_-
    Last edited by Brandon; 04-10-2014 at 06:52.
    "The biggest adversary in our life is ourselves. We are what we are, in a sense, because of the dominating thoughts we allow to gather in our head. All concepts of self-improvement, all actions and paths we take, relate solely to our abstract image of ourselves. Life is limited only by how we really see ourselves and feel about our being. A great deal of pure self-knowledge and inner understanding allows us to lay an all-important foundation for the structure of our life from which we can perceive and take the right avenues.

  8. #8
    Chocolatier to the Stars
    TidalPhoenix's Avatar
    Join Date
    Dec 2006
    Location
    Behind you!
    PSN ID
    TidalPhoenix
    Posts
    11,730
    Rep Power
    117
    Points
    15,278 (0 Banked)
    Items New User TitleUser name style
    Achievements IT'S OVER 9000!
    After testing the site and it shows green then you can safely change your password. Do not change you password if a site shows red as it can just be harvested again.

    ​aka Sparc

    Entropy isn't what it used be

  9. #9
    Elite Member
    K2D's Avatar
    Join Date
    Oct 2006
    PSN ID
    Cathode
    Age
    27
    Posts
    1,770
    Rep Power
    67
    Points
    10,608 (0 Banked)
    Items LuluYunaDaft Punk
    Just issued a warning on facebook. Don't use your email passwords anywhere else people..

    Wishlist: Jade Cocoon Reboot, Oni Reboot, the next JRPG, Wasteland 2 [coming soon!]
    SotC 2, Fallout 4, next Obsidian Fallout, Project Eternity, Uncharted 4, Divinity [NEW!]
    ...
    [South Park: Stick of Truth is pure gaming bliss!]

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
vBCredits II Deluxe v2.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2010-2014 DragonByte Technologies Ltd.