Dokuga Forum
Welcome, Guest
Please Login or Register.    Lost Password?
HeartBleed Bug
(1 viewing) 1 Guest
Go to bottom
TOPIC: HeartBleed Bug
#99443
Maria-Salvatore29
Whelp
Posts: 188
graphgraph
User Offline Click here to see the profile of this user
HeartBleed Bug 10 Years, 7 Months ago Karma: 10
Many sites have/had been affected by the heartbleed bug, I just want to ask if this site is safe? Because just yesterday, fanfiction.net released a statement about this bug so I immediately changed my password. Just asking if we have to change our passwords here too?
 
Logged Logged
  The administrator has disabled public write access.
#99444
Sharon
Pup
Posts: 87
graphgraph
User Offline Click here to see the profile of this user
Re:HeartBleed Bug 10 Years, 7 Months ago Karma: 95
Hi,
Heartbleed is a vulnerability in OpenSSL, which is an SSL implementation that provides security while sending sensitive information on the internet. It's best explained by xkcd.com/1354/

This is a pretty serious problem, my advise is to change ALL your passwords.

Dokuga is powered by Kunena, which is open source. So, it makes sense to extrapolate that and say most of their software, including SSL, is also opensource. So, we're most likely affected by this as well (This is me speculating).

Please change ALL your passwords ASAP (especially for work, banks etc.). Don't wait for them to contact you.

Hope this helps.
 
Logged Logged
  The administrator has disabled public write access.
#99448
cakeiton
Shrine Girl
Posts: 615
graphgraph
User Offline Click here to see the profile of this user
Re:HeartBleed Bug 10 Years, 7 Months ago Karma: 55
I was going to post the xkcd comic as well lol.
 
Logged Logged
 
  The administrator has disabled public write access.
#99449
WiccanMethuselah
Admin
Posts: 2279
graphgraph
User Offline Click here to see the profile of this user
Re:HeartBleed Bug 10 Years, 7 Months ago Karma: 277
To the best of my knowledge, the site's data base and other components were put together with Joomla. The forum is Kunena, and yes, all of it was open-source.

If one reads the news reports concerning the "Heartbleed" problem, one notices that the security problem deals specifically with Secure Socket Layer issues. We do not, and have never, used SSL for this site (again, to the best of my knowledge and recollection).

We have no need of this, as we do not collect, nor do we store, any sensitive financial information about our members. Our donations are handled through my PayPal account, which has long since fixed it's vulnerability issues.

If it makes you feel safer to change your password for this site, by all means, do. After all, many internet security experts caution that you should do this regularly anyway. Rest assured, however, that we will continue to monitor the situation. If we feel that our members might be compromised, we will alert you all as soon as humanly possible.

~~Wiccan~~
 
Logged Logged
 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"The foolish and the dead alone never change their opinion.\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"
- James Russell Lowell 1864


  The administrator has disabled public write access.
#99450
Emiko
Whelp
Posts: 145
graphgraph
User Offline Click here to see the profile of this user
Re:HeartBleed Bug 10 Years, 7 Months ago Karma: 59
I'd also like to add that to change your passwords before notification by institutions that the problem has been fixed is folly. Most banks/reputable companies that deal with monies/financials do not deal with OpenSSL. Rather, they used encrypted forms, secure SSL. However, those that are affected have an obligation to notify customers once the breach has been fixed - if they care, that is.

To reset your PW prior to any fix would be like handing out a key to your faulty lock to a criminal over and over again BEFORE fixing the crappy lock.

Mashables.com: WEBSITES AFFECTED BY HEARTBLEED

CNET article gives more info:

CNET - HeartBleed
 
Logged Logged
 
Last Edit: 2014/04/13 19:05 By Smoke Goddess.
  The administrator has disabled public write access.
#99451
cassandra
Taiyoukai
Posts: 340
graphgraph
User Offline Click here to see the profile of this user
Re:HeartBleed Bug 10 Years, 7 Months ago Karma: 16
What exactly is this bug and what does it do
 
Logged Logged
  The administrator has disabled public write access.
#99452
WiccanMethuselah
Admin
Posts: 2279
graphgraph
User Offline Click here to see the profile of this user
Re:HeartBleed Bug 10 Years, 7 Months ago Karma: 277
The whole overview is given here:

http://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/

It has much more information than I can copy/paste or type right now. Also, check out the links that Emiko provided for more information, especially the one on Mashable.
:/
~~Wiccan~~
 
Logged Logged
 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"The foolish and the dead alone never change their opinion.\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"
- James Russell Lowell 1864


  The administrator has disabled public write access.
#99463
Maria-Salvatore29
Whelp
Posts: 188
graphgraph
User Offline Click here to see the profile of this user
Re:HeartBleed Bug 10 Years, 7 Months ago Karma: 10
Okie! By the Way, check out this site.

lastpass.com/heartbleed/

It might help you know if a certain website has been affected by this bug or not
 
Logged Logged
 
Last Edit: 2014/04/14 12:18 By mariasalvatore29.
  The administrator has disabled public write access.
Go to top

INUYASHA © Rumiko Takahashi/Shogakukan • Yomiuri TV • Sunrise 2000
No money is being made from the creation or viewing of content on this site, which is strictly for personal, non-commercial use, in accordance with the copyright.