Results 1 to 9 of 9
  1. #1
    El Presidente
    podsaurus's Avatar
    Join Date
    Jul 2008
    Location
    in a box
    Age
    24
    Posts
    4,097
    Rep Power
    80

    'Heartbleed' password hacking

    Not that I have any super sensitive information on this site but there is an exploit that I heard about on the news today that will force a lot of people to change passwords for websites. I would appreciate it if someone could tell me if PSU has been affected, when a fix will happen and whether I should change my password or not.

    That and in case anyone hasn't heard about it now you know.

    http://www.thewire.com/technology/20...ternet/360366/

    Focus. Control. Conviction. Resolve. A true ace lacks none of these attributes. Nothing can deter you from the task at hand except your own fears. This is your sky.

  2. #2
    Power Member
    Vulgotha's Avatar
    Join Date
    Jan 2007
    Age
    24
    Posts
    15,778
    Rep Power
    150
    PSU is really the last place people should be concerned about concerning this hack.

    Try financial & academic institutions, ecommerce sites..

    It's possible that PSU is vulnerable, but until they update the OSSL implementation they're using here it won't matter what you do with your password. It can just be stolen again.


  3. #3
    Wibbly Wobbly
    Admartian's Avatar
    Join Date
    Nov 2006
    Location
    New Zealand
    PSN ID
    admartian
    Age
    28
    Posts
    13,380
    Rep Power
    138
    Items ArsenalVitaUser name styleSteamPS3 Slim
    I got this for a service (mapping) called MapBox.

    Thanks to this thread, I've been warned.
    Be Together - Not the same.



  4. #4
    Supreme Veteran
    keefy's Avatar
    Join Date
    Nov 2007
    Location
    The Sock Gap
    Posts
    17,878
    Rep Power
    132
    Items Gran Turismo 5Michelle MarshDoomid SoftwareCommodore 64Metal Gear Solid
    Quote Originally Posted by Vulgotha View Post
    PSU is really the last place people should be concerned about concerning this hack.

    Try financial & academic institutions, ecommerce sites..

    It's possible that PSU is vulnerable, but until they update the OSSL implementation they're using here it won't matter what you do with your password. It can just be stolen again.
    True but some idiots use the same for all the sites they use, but they are idiots.

  5. #5
    Administrator
    Brandon's Avatar
    Join Date
    Nov 2004
    PSN ID
    BrandonJBX
    Posts
    13,048
    Rep Power
    788
    This isn't a typical hacked password exploit. Changing your password isn't going to do anything until the vulnerable sites in question patch their websites.

    To test to see if a site you frequent is vulnerable, use this tool here: http://filippo.io/Heartbleed/


    PSU is not affected by this, so we have nothing to worry about here.


    Also, Macs and iOS are unaffected by this as well.
    Last edited by Brandon; 04-10-2014 at 04:23.


    "Love the life you live, and live the life you love." ~ Bob Marley

  6. #6
    Supreme Veteran
    keefy's Avatar
    Join Date
    Nov 2007
    Location
    The Sock Gap
    Posts
    17,878
    Rep Power
    132
    Items Gran Turismo 5Michelle MarshDoomid SoftwareCommodore 64Metal Gear Solid
    Quote Originally Posted by PBM View Post
    This isn't a typical hacked password exploit. Changing your password isn't going to do anything until the vulnerable sites in question patch their websites.

    To test to see if a site you frequent is vulnerable, use this tool here: http://filippo.io/Heartbleed/


    PSU is not affected by this, so we have nothing to worry about here.


    Also, Macs and iOS are unaffected by this as well.
    Maybe I am wrong but from what I have read this is server side exploit not on the clients computer so doesn't matter their OS.
    Last edited by keefy; 04-10-2014 at 09:40.

  7. #7
    Administrator
    Brandon's Avatar
    Join Date
    Nov 2004
    PSN ID
    BrandonJBX
    Posts
    13,048
    Rep Power
    788

    'Heartbleed' password hacking

    Quote Originally Posted by keefy View Post
    Maybe I am wrong but from what I have read this is server side exploit not on the clients computer so doesn't matter their OS.
    I was referring to SSL in operating systems. This is an SSL exploit and yes it is server side. The OS's themselves are not at risk, but the websites people visit are. Companies are patching up their sites quite fast, though. None of the ones I frequent are vulnerable or have been fixed.

    That LastPass site shows different results. The one I linked is showing SteamPowered as not vulnerable or fixed.


    Edit: Yeah, checking around and the LastPass tool is garbage. Literally every website you put into it says it's "probably vulnerable" with no indications as to why. Helpful stuff.

    Edit again: Yep. Please use the one I linked. The LastPass tool is garbage and references the original one I posted. It still shows Imgur as vulnerable based on yesterday's data despite the site being fixed.

    This is very dumb and not reassuring. -_-
    Last edited by Brandon; 04-10-2014 at 06:52.


    "Love the life you live, and live the life you love." ~ Bob Marley

  8. #8
    Fire the space harpoons!
    TidalPhoenix's Avatar
    Join Date
    Dec 2006
    Location
    In your urinary tract
    PSN ID
    TidalPhoenix
    Posts
    12,218
    Rep Power
    125
    Items New User TitleUser name style
    After testing the site and it shows green then you can safely change your password. Do not change you password if a site shows red as it can just be harvested again.

    ​aka Sparc

    Entropy isn't what it used be

  9. #9
    Forum Elder
    K2D's Avatar
    Join Date
    Oct 2006
    PSN ID
    Cathode
    Age
    28
    Posts
    2,548
    Rep Power
    77
    Items LuluYunaDaft Punk
    Just issued a warning on facebook. Don't use your email passwords anywhere else people..





Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
vBCredits II Deluxe v2.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2010-2015 DragonByte Technologies Ltd.