Post Reply Admins - Heartbleed vulnerability
20054 cr points
Send Message: Send PM GB Post
36 / M / Hawaii
Offline
Posted 4/9/14 , edited 4/9/14
I am unsure if you are away for the Heartbleed vulnerability. Your certificates haven't been updated in the past 3 years.

https://www.google.com/search?q=heartbleed+bug&oq=heartbleed+bug&aqs=chrome..69i57j0j69i60.3696j0j4&sourceid=chrome&espv=2&es_sm=122&ie=UTF-8
Dragon
58342 cr points
Send Message: Send PM GB Post
37 / M
Online
Posted 4/9/14 , edited 4/9/14

Tidbits808 wrote:

I am unsure if you are away for the Heartbleed vulnerability. Your certificates haven't been updated in the past 3 years.

https://www.google.com/search?q=heartbleed+bug&oq=heartbleed+bug&aqs=chrome..69i57j0j69i60.3696j0j4&sourceid=chrome&espv=2&es_sm=122&ie=UTF-8


Hi,

I moved this over to site support, it seemed like a better location than general.

-Makoto
20054 cr points
Send Message: Send PM GB Post
36 / M / Hawaii
Offline
Posted 4/9/14
thanks
13897 cr points
Send Message: Send PM GB Post
24 / M / Belgium
Offline
Posted 4/9/14 , edited 4/9/14

Tidbits808 wrote:

I am unsure if you are away for the Heartbleed vulnerability. Your certificates haven't been updated in the past 3 years.

https://www.google.com/search?q=heartbleed+bug&oq=heartbleed+bug&aqs=chrome..69i57j0j69i60.3696j0j4&sourceid=chrome&espv=2&es_sm=122&ie=UTF-8

Crunchyroll doesn't seem to be affected by Heartbleed, as you can test here.
Only a portion of the certificates that use openSSL are vulnerable.

Posted 4/9/14
CVE-2014-0160 was disclosed 72 hours ago and patched same day.
20054 cr points
Send Message: Send PM GB Post
36 / M / Hawaii
Offline
Posted 4/9/14
thanks I was just making sure
31023 cr points
Send Message: Send PM GB Post
M / Boston, Ma
Offline
Posted 4/11/14
So you guys were not using a vulnerable version of Openssl at any time?
58666 cr points
Send Message: Send PM GB Post
30 / M / Dallas, TX
Online
Posted 4/11/14

cswenson0105 wrote:

So you guys were not using a vulnerable version of Openssl at any time?


It sounds like they patched and restarted the OpenSSL services as soon as a fix was released.
31023 cr points
Send Message: Send PM GB Post
M / Boston, Ma
Offline
Posted 4/15/14
I know it is a pain, but if they were running a vulnerable version they should make users change passwords.
58666 cr points
Send Message: Send PM GB Post
30 / M / Dallas, TX
Online
Posted 4/15/14

cswenson0105 wrote:

I know it is a pain, but if they were running a vulnerable version they should make users change passwords.


That would be nice, but you would still get complaints from people who don't understand, and will choose to continue not to understand, even if you try to explain it to them.
42634 cr points
Send Message: Send PM GB Post
60 / M / Earth
Offline
Posted 4/15/14

eyeofpain wrote: you would still get complaints from people who don't understand, and will choose to continue not to understand, even if you try to explain it to them.
I don't disagree... But it isn't that difficult to grasp, really. Xkcd does a very good job of making the explanation simple:

http://xkcd.com/1354/
You must be logged in to post.