You are not logged in - nap CSDb User Forums Forums > CSDb Feedback > "HeartBleed" 2014-04-10 07:44 Conrad Registered: Nov 2006 Posts: 833 "HeartBleed" So I was reading some news this morning about this so-called "Heartbleed" bug, which would try to decrypt your account passwords when you log in. Out of interest I put in the CSDB website (both the .dk and .c64.org domains) in the checker tool provided by LastPass (https://lastpass.com/heartbleed), and reports that the CSDB website is vulnerable to the bug due to using OpenSSL. Even though this site is proned to this bug, do any of you reckon that it won't pay the cost of losing a lot of data on this website? At the end of the day, this is a small community compared to Facebook, Google+ etc. 2014-04-10 07:46 Shine Registered: Jul 2012 Posts: 327 Very interesting! 2014-04-10 08:11 Burglar Registered: Dec 2004 Posts: 1031 the check linked by conrad is probably incorrect. afaik openssl 0.9.8 is *not* vulnerable. 2014-04-10 08:32 lemming Registered: Oct 2009 Posts: 44 Yup, Burglar is right, 0.9.8-series is ok. Also http://filippo.io/Heartbleed/#csdb.dk 2014-04-10 14:11 Scout Registered: Dec 2002 Posts: 1568 All you want to know about the Hearbleed bug, which OpenSSL versions are vulnerable and which are not: http://heartbleed.com/ Also, use the link Lemming posted and not that lastpass thing. Off to re-create some private keys...Bye! :D 2014-04-10 14:13 Beastifire Account closed Registered: Mar 2013 Posts: 40 So who will code the first C64 SSL implementation? :) 2014-04-11 08:43 Perff Administrator Posts: 1665 I learned about this bug yesterday and found CSDb to be unaffected, so didn't think more about it. :) 2014-04-11 13:03 Sith Account closed Registered: Jul 2013 Posts: 17 I hardly think any professional hackers would be bothered hacking into a website about us old farts enjoying our beloved old computer anyway. It is not profitable to them. :) They will target any site that involves financial transactions and inputting credit card data though. 2014-04-11 16:40 chatGPZ Registered: Dec 2001 Posts: 11108 uh. it doesnt work like that. they are using scripts that attack whatever site, and what they are after are simply login credentials - because chances are high you used them elsewhere too. 2014-04-12 06:43 Peacemaker Registered: Sep 2004 Posts: 243 this server IS not vulnerable. just checked it with my script :> 2014-04-12 22:52 Perff Administrator Posts: 1665 Good to get it confirmed. :) Refresh Subscribe to this thread: You need to be logged in to post in the forum. Search the forum: Search  All forums C64 CodingC64 ComposingC64 PixelingC64 ProductionsCSDb Bug ReportsCSDb DiscussionsCSDb EntriesCSDb FeedbackCSDb InfoCSDb moderatorsCSDb QuestionsCSDb V2 developmentMessages to moderatorsRequests  for   in Writer & textTextWriter  All times are CET. Search CSDb All Releases Groups Sceners Events BBS SIDs ------- Forum Comments Advanced Users Online Didi/Laxity chronos/Therapy csabanw Apollyon/ALD heavymett Krill/Plush Mason/Unicess Slaxx/Q/HF/MYD! Guests online: 144 Top Demos 1 Next Level  (9.8) 2 Mojo  (9.7) 3 Coma Light 13  (9.7) 4 Edge of Disgrace  (9.6) 5 Comaland 100%  (9.6) 6 No Bounds  (9.6) 7 Uncensored  (9.6) 8 Wonderland XIV  (9.6) 9 Bromance  (9.6) 10 Memento Mori  (9.6) Top onefile Demos 1 It's More Fun to Com..  (9.7) 2 Party Elk 2  (9.7) 3 Cubic Dream  (9.6) 4 Copper Booze  (9.5) 5 Rainbow Connection  (9.5) 6 TRSAC, Gabber & Pebe..  (9.5) 7 Onscreen 5k  (9.5) 8 Wafer Demo  (9.5) 9 Dawnfall V1.1  (9.5) 10 Quadrants  (9.5) Top Groups 1 Oxyron  (9.3) 2 Nostalgia  (9.3) 3 Booze Design  (9.3) 4 Censor Design  (9.3) 5 Crest  (9.3) Top Logo Graphicians 1 Sander  (10) 2 Facet  (9.7) 3 Mermaid  (9.4) 4 Pal  (9.4) 5 Shine  (9.3)

Home - Disclaimer Copyright © No Name 2001-2024

Page generated in: 0.052 sec.