Potential Security Risk

Hello everyone.

My sister just told me about a bug called “CVE-2014-0160” - or simply “Heartbleed”. At first I was skeptical. I thought it was a hoax. But after some research, it seems like it’s a legitimate risk.

Basically, Heartbleed is a bug in OpenSSL. It’s not a virus, just a security flaw.

A huge one.

Exploiting this bug, people can get your usernames, passwords, and even credit card numbers. So the purpose of this topic is to urge y’all to change your passwords, and even if it does turn out to be a hoax, it doesn’t hurt to be careful.

Here are a few articles on it:

http://heartbleed.com/

http://www.forbes.com/sites/jameslyne/2014/04/08/heartbeat-heartbleed-bug-breaks-worldwide-internet-security-again-and-yahoo/

http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html

http://www.cnet.com/news/heartbleed-bug-undoes-web-encryption-reveals-user-passwords/

You can test a server for Heartbleed here:

http://filippo.io/Heartbleed/

_ Moderators and administrators:  _If this counts as advertisement or spam, please remove it. However, I posted this out of sheer concern and nothing more. So even if you do remove it, please consider what I said first. Thanks!

Well, what’s funny is that it’s been around since 2012, yet it’s just now concerning people. Two years of collecting data while going relatively under the radar is a long time and by now, if you’ve used a compromised server, chances are it’s no longer so but you wouldn’t know if it was during those two years without the host of said servers directly telling you.

Thanks kooka!!! I appreciate ur concern for us!!! This is y this is my second family cuz we r all concerned for each other!! Thanks again kooka for the warning ur the bomb

Nice catch Kooka!

Sounds pretty familiar (how people just get concerned about it at the last minute), although since I barely purchase things on the internet anyway, I’m not up to date with security stuff. I mean, if h a c k e r s want to take my silver then they can take it. It’s not like I use it anyway. Haha. But, uh, that was a bad comparasion (how do you spell that word?) since you can’t exactly steal silver on HI. I think. Plus I’m anything but a tech-person.

I thought it said somewhere that Heartbleed was a new bug, though. Maybe a different version of an existing one, but who knows.

But yeah. Regardless of it being active for the past two years or not, it’s apparently a big thing now. So stay safe people. :x

Wow… This was quite shocking… Im a bit taken aback… Well, time to change all my passwords! Screw you heartbleed

I better check my server as well, hadn’t been aware of this one. 

There are lists posted online as to which common websites were hacked - such as emails, banks, etc. Luckily, I don’t need to change anything yet :slight_smile:

I don’t need to worry about my bank account getting hacked wanna know why? Of course you do

Cuz I don’t have one :stuck_out_tongue: