Post Reply Admins - Heartbleed vulnerability
20066 cr points
Send Message: Send PM GB Post
38 / M / Hawaii
Offline
Posted 4/9/14 , edited 4/9/14
I am unsure if you are away for the Heartbleed vulnerability. Your certificates haven't been updated in the past 3 years.

https://www.google.com/search?q=heartbleed+bug&oq=heartbleed+bug&aqs=chrome..69i57j0j69i60.3696j0j4&sourceid=chrome&espv=2&es_sm=122&ie=UTF-8
Dragon
69451 cr points
Send Message: Send PM GB Post
Offline
Posted 4/9/14 , edited 4/9/14

Tidbits808 wrote:

I am unsure if you are away for the Heartbleed vulnerability. Your certificates haven't been updated in the past 3 years.

https://www.google.com/search?q=heartbleed+bug&oq=heartbleed+bug&aqs=chrome..69i57j0j69i60.3696j0j4&sourceid=chrome&espv=2&es_sm=122&ie=UTF-8


Hi,

I moved this over to site support, it seemed like a better location than general.

-Makoto
20066 cr points
Send Message: Send PM GB Post
38 / M / Hawaii
Offline
Posted 4/9/14 , edited 4/9/14
thanks
Posted 4/9/14 , edited 4/9/14

Tidbits808 wrote:

I am unsure if you are away for the Heartbleed vulnerability. Your certificates haven't been updated in the past 3 years.

https://www.google.com/search?q=heartbleed+bug&oq=heartbleed+bug&aqs=chrome..69i57j0j69i60.3696j0j4&sourceid=chrome&espv=2&es_sm=122&ie=UTF-8

Crunchyroll doesn't seem to be affected by Heartbleed, as you can test here.
Only a portion of the certificates that use openSSL are vulnerable.

Posted 4/9/14 , edited 4/9/14
CVE-2014-0160 was disclosed 72 hours ago and patched same day.
20066 cr points
Send Message: Send PM GB Post
38 / M / Hawaii
Offline
Posted 4/9/14 , edited 4/9/14
thanks I was just making sure
31031 cr points
Send Message: Send PM GB Post
M / Boston, Ma
Online
Posted 4/11/14 , edited 4/11/14
So you guys were not using a vulnerable version of Openssl at any time?
59925 cr points
Send Message: Send PM GB Post
32 / M / Dallas, TX
Offline
Posted 4/11/14 , edited 4/11/14

cswenson0105 wrote:

So you guys were not using a vulnerable version of Openssl at any time?


It sounds like they patched and restarted the OpenSSL services as soon as a fix was released.
31031 cr points
Send Message: Send PM GB Post
M / Boston, Ma
Online
Posted 4/15/14 , edited 4/15/14
I know it is a pain, but if they were running a vulnerable version they should make users change passwords.
59925 cr points
Send Message: Send PM GB Post
32 / M / Dallas, TX
Offline
Posted 4/15/14 , edited 4/16/14

cswenson0105 wrote:

I know it is a pain, but if they were running a vulnerable version they should make users change passwords.


That would be nice, but you would still get complaints from people who don't understand, and will choose to continue not to understand, even if you try to explain it to them.
54872 cr points
Send Message: Send PM GB Post
61 / M / Earth
Offline
Posted 4/15/14 , edited 4/16/14

eyeofpain wrote: you would still get complaints from people who don't understand, and will choose to continue not to understand, even if you try to explain it to them.
I don't disagree... But it isn't that difficult to grasp, really. Xkcd does a very good job of making the explanation simple:

http://xkcd.com/1354/
You must be logged in to post.