Might be time to look into finally changing that password...
66784 cr points
Send Message: Send PM GB Post
27 / M
Offline
Posted 4/8/14
http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/



Researchers have discovered an extremely critical defect in the cryptographic software library an estimated two-thirds of Web servers use to identify themselves to end users and prevent the eavesdropping of passwords, banking credentials, and other sensitive data"


and

http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/



Lest readers think "catastrophic" is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet's Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the contents of confidential e-mails, and other sensitive data belonging to Yahoo Mail and almost certainly countless other services.

The two-year-old bug is the result of a mundane coding error in OpenSSL, the world's most popular code library for implementing HTTPS encryption in websites, e-mail servers, and applications. The result of a missing bounds check in the source code, Heartbleed allows attackers to recover large chunks of private computer memory that handle OpenSSL processes. The leak is the digital equivalent of a grab bag that hackers can blindly reach into over and over simply by sending a series of commands to vulnerable servers. The returned contents could include something as banal as a time stamp, or it could return far more valuable assets such as authentication credentials or even the private key at the heart of a website's entire cryptographic certificate.


I recommend keeping an eye on any and all accounts you may use for various sites. (I know some people use the same name/password for different sites).

Just putting out a heads-up. This could kind of be a big deal.
Sogno- 
45722 cr points
Send Message: Send PM GB Post
Offline
Posted 4/8/14 , edited 4/8/14
i read about this on BBC. the Minecraft guy shut down the game's online systems and Amazon did some major patching... idk what it all means but if those two big guys are scrambling to fix it then it must be a big deal.
Sailor Candy Moderator
200576 cr points
Send Message: Send PM GB Post
28
Offline
Posted 12/28/15
"Year-end cleanup. Closing threads with no activity since 2014."
You must be logged in to post.