Maidens of the Kaleidoscope

~Bunbunmaru News~ => Letters to the Editor => Topic started by: Cybeast710 on April 11, 2014, 11:35:12 PM

Title: HEARTBLEED?
Post by: Cybeast710 on April 11, 2014, 11:35:12 PM

Helvetica, let me ask you a question?

A: Does this site use Open SSL

B: Is/Was it affected by the Heartbleed Bug (http://money.cnn.com/2014/04/11/technology/security/heartbleed-gear/)?

Title: Re: HEARTBLEED?
Post by: helvetica on April 12, 2014, 09:44:28 PM

Yes, and it was vulnerable before the announcement broke (I heard about the bug right when the CVE was posted). At that time as there was no patch for the flaw available, I had disabled SSL. Once I get some free time (I'm in the middle of finals right now) I will be generating new certificates for the site and invalidating everyone's passwords.

You should be changing your password on every site, but not until after they've confirmed they've both patched the flaw AND made new SSL certificates (the things your browser checks when creating a secure connection).