Welcome to our latest new user danikAdmiral ! (Registered 2024-12-17) You are not logged in - nap CSDb User Forums Forums > CSDb Feedback > "HeartBleed" 2014-04-10 07:44 Conrad Registered: Nov 2006 Posts: 849 "HeartBleed" So I was reading some news this morning about this so-called "Heartbleed" bug, which would try to decrypt your account passwords when you log in. Out of interest I put in the CSDB website (both the .dk and .c64.org domains) in the checker tool provided by LastPass (https://lastpass.com/heartbleed), and reports that the CSDB website is vulnerable to the bug due to using OpenSSL. Even though this site is proned to this bug, do any of you reckon that it won't pay the cost of losing a lot of data on this website? At the end of the day, this is a small community compared to Facebook, Google+ etc. 2014-04-10 07:46 Shine Registered: Jul 2012 Posts: 368 Very interesting! 2014-04-10 08:11 Burglar Registered: Dec 2004 Posts: 1098 the check linked by conrad is probably incorrect. afaik openssl 0.9.8 is *not* vulnerable. 2014-04-10 08:32 lemming Registered: Oct 2009 Posts: 44 Yup, Burglar is right, 0.9.8-series is ok. Also http://filippo.io/Heartbleed/#csdb.dk 2014-04-10 14:11 Scout Registered: Dec 2002 Posts: 1570 All you want to know about the Hearbleed bug, which OpenSSL versions are vulnerable and which are not: http://heartbleed.com/ Also, use the link Lemming posted and not that lastpass thing. Off to re-create some private keys...Bye! :D 2014-04-10 14:13 Beastifire Account closed Registered: Mar 2013 Posts: 40 So who will code the first C64 SSL implementation? :) 2014-04-11 08:43 Perff Administrator Posts: 1679 I learned about this bug yesterday and found CSDb to be unaffected, so didn't think more about it. :) 2014-04-11 13:03 Sith Account closed Registered: Jul 2013 Posts: 17 I hardly think any professional hackers would be bothered hacking into a website about us old farts enjoying our beloved old computer anyway. It is not profitable to them. :) They will target any site that involves financial transactions and inputting credit card data though. 2014-04-11 16:40 chatGPZ Registered: Dec 2001 Posts: 11384 uh. it doesnt work like that. they are using scripts that attack whatever site, and what they are after are simply login credentials - because chances are high you used them elsewhere too. 2014-04-12 06:43 Peacemaker Registered: Sep 2004 Posts: 275 this server IS not vulnerable. just checked it with my script :> 2014-04-12 22:52 Perff Administrator Posts: 1679 Good to get it confirmed. :) Refresh Subscribe to this thread: You need to be logged in to post in the forum. Search the forum: Search  All forums C64 CodingC64 ComposingC64 PixelingC64 ProductionsCSDb Bug ReportsCSDb DevelopmentCSDb DiscussionsCSDb EntriesCSDb FeedbackCSDb InfoCSDb moderatorsCSDb QuestionsMessages to moderatorsRequests  for   in Writer & textTextWriter  All times are CET. Search CSDb All Releases Groups Sceners Events BBS SIDs ------- Forum Comments Advanced Users Online Apollyon/ALD Exploding Fi../Techn.. Jazzcat/Onslaught Guests online: 72 Top Demos 1 Next Level  (9.7) 2 13:37  (9.7) 3 Mojo  (9.6) 4 Coma Light 13  (9.6) 5 Edge of Disgrace  (9.6) 6 What Is The Matrix 2  (9.6) 7 The Demo Coder  (9.6) 8 Uncensored  (9.6) 9 Comaland 100%  (9.6) 10 Wonderland XIV  (9.6) Top onefile Demos 1 Layers  (9.6) 2 Party Elk 2  (9.6) 3 Cubic Dream  (9.6) 4 Copper Booze  (9.6) 5 No Listen  (9.6) 6 Rainbow Connection  (9.5) 7 Dawnfall V1.1  (9.5) 8 Onscreen 5k  (9.5) 9 Morph  (9.5) 10 Libertongo  (9.5) Top Groups 1 Performers  (9.3) 2 Booze Design  (9.3) 3 Oxyron  (9.3) 4 Triad  (9.3) 5 Censor Design  (9.3) Top Original Suppliers 1 Derbyshire Ram  (9.7) 2 Fungus  (9.3) 3 Black Beard  (9.2) 4 Baracuda  (9.2) 5 hedning  (9.1)

Home - Disclaimer Copyright © No Name 2001-2024

Page generated in: 0.036 sec.