You are not logged in - nap CSDb User Forums Forums > CSDb Feedback > "HeartBleed" 2014-04-10 07:44 Conrad Registered: Nov 2006 Posts: 856 "HeartBleed" So I was reading some news this morning about this so-called "Heartbleed" bug, which would try to decrypt your account passwords when you log in. Out of interest I put in the CSDB website (both the .dk and .c64.org domains) in the checker tool provided by LastPass (https://lastpass.com/heartbleed), and reports that the CSDB website is vulnerable to the bug due to using OpenSSL. Even though this site is proned to this bug, do any of you reckon that it won't pay the cost of losing a lot of data on this website? At the end of the day, this is a small community compared to Facebook, Google+ etc. 2014-04-10 07:46 Shine Registered: Jul 2012 Posts: 387 Very interesting! 2014-04-10 08:11 Burglar Registered: Dec 2004 Posts: 1137 the check linked by conrad is probably incorrect. afaik openssl 0.9.8 is *not* vulnerable. 2014-04-10 08:32 lemming Registered: Oct 2009 Posts: 44 Yup, Burglar is right, 0.9.8-series is ok. Also http://filippo.io/Heartbleed/#csdb.dk 2014-04-10 14:11 scout Registered: Dec 2002 Posts: 1578 All you want to know about the Hearbleed bug, which OpenSSL versions are vulnerable and which are not: http://heartbleed.com/ Also, use the link Lemming posted and not that lastpass thing. Off to re-create some private keys...Bye! :D 2014-04-10 14:13 Beastifire Account closed Registered: Mar 2013 Posts: 40 So who will code the first C64 SSL implementation? :) 2014-04-11 08:43 Perff Administrator Posts: 1684 I learned about this bug yesterday and found CSDb to be unaffected, so didn't think more about it. :) 2014-04-11 13:03 Sith Account closed Registered: Jul 2013 Posts: 17 I hardly think any professional hackers would be bothered hacking into a website about us old farts enjoying our beloved old computer anyway. It is not profitable to them. :) They will target any site that involves financial transactions and inputting credit card data though. 2014-04-11 16:40 chatGPZ Registered: Dec 2001 Posts: 11510 uh. it doesnt work like that. they are using scripts that attack whatever site, and what they are after are simply login credentials - because chances are high you used them elsewhere too. 2014-04-12 06:43 Peacemaker Registered: Sep 2004 Posts: 279 this server IS not vulnerable. just checked it with my script :> 2014-04-12 22:52 Perff Administrator Posts: 1684 Good to get it confirmed. :) Refresh Subscribe to this thread: You need to be logged in to post in the forum. Search the forum: Search  All forums C64 CodingC64 ComposingC64 PixelingC64 ProductionsCSDb Bug ReportsCSDb DevelopmentCSDb DiscussionsCSDb EntriesCSDb FeedbackCSDb InfoCSDb moderatorsCSDb QuestionsMessages to moderatorsRequests  for   in Writer & textTextWriter  All times are CET. Search CSDb All Releases Groups Sceners Events BBS SIDs ------- Forum Comments Advanced Users Online MWR/Visdom ccr/TNSP csabanw Guests online: 381 Top Demos 1 Next Level  (9.7) 2 13:37  (9.7) 3 Codeboys & Endians  (9.7) 4 Mojo  (9.6) 5 Coma Light 13  (9.6) 6 Edge of Disgrace  (9.6) 7 Signal Carnival  (9.6) 8 Uncensored  (9.5) 9 Wonderland XIV  (9.5) 10 No Bounds  (9.5) Top onefile Demos 1 Nine  (9.7) 2 Layers  (9.6) 3 Cubic Dream  (9.6) 4 Party Elk 2  (9.6) 5 Copper Booze  (9.5) 6 Scan and Spin  (9.5) 7 Onscreen 5k  (9.5) 8 Grey  (9.5) 9 Dawnfall V1.1  (9.5) 10 Rainbow Connection  (9.5) Top Groups 1 Artline Designs  (9.3) 2 Booze Design  (9.3) 3 Oxyron  (9.3) 4 Performers  (9.3) 5 Censor Design  (9.3) Top Fullscreen Graphicians 1 Joe  (9.7) 2 Sulevi  (9.6) 3 The Sarge  (9.6) 4 Veto  (9.5) 5 Facet  (9.5)

Home - Disclaimer Copyright © No Name 2001-2025

Page generated in: 0.085 sec.