|
|
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Maken Tosch
DUST University
Ivy League
7937
   |
Posted - 2014.04.14 18:26:00 -
[1] - Quote
Source:
http://money.cnn.com/2014/04/09/technology/security/heartbleed-bug/index.html
Quote:
What is it?
It's called the Heartbleed bug, and it is essentially an information leak.
It starts with a hole in the software that the vast majority of websites on the Internet use to turn your personal information into strings of random numbers and letters. If you see a padlock image in the address bar, there's a good chance that site is using the encryption software that was impacted by the Heartbleed bug.
"It's probably the worst bug the Internet has ever seen," said Matthew Prince, CEO of website-protecting service CloudFlare. "If a week from now we hear criminals spoofed a massive number of accounts at financial institutions, it won't surprise me."
I sent a petition notifying CCP about this to see if this is something that affects us as well. According to that same article, approximately 81% of websites around the world use server programs that are vulnerable to the Heartbleed Bug.
Quote:
What can I do?
Log out of all websites: email, social media, banking -- everything. But beyond that, it's a waiting game. The websites themselves need to update to a new version of the encryption software to fix the bug. That's why changing all your passwords right away isn't a good idea. Websites are all racing to fix the issue, and if you act too quickly, you might change your password on a site that is still vulnerable.
Dedicated Scout // Ninja Knifer
Everything I know about the Caldari I learned at Nouvelle Rouvenor
|
Maken Tosch
DUST University
Ivy League
7937
|
Posted - 2014.04.14 18:38:00 -
[2] - Quote
Kaminoikari wrote:Maken Tosch wrote:Source: http://money.cnn.com/2014/04/09/technology/security/heartbleed-bug/index.htmlQuote:
What is it?
It's called the Heartbleed bug, and it is essentially an information leak.
It starts with a hole in the software that the vast majority of websites on the Internet use to turn your personal information into strings of random numbers and letters. If you see a padlock image in the address bar, there's a good chance that site is using the encryption software that was impacted by the Heartbleed bug.
"It's probably the worst bug the Internet has ever seen," said Matthew Prince, CEO of website-protecting service CloudFlare. "If a week from now we hear criminals spoofed a massive number of accounts at financial institutions, it won't surprise me."
I sent a petition notifying CCP about this to see if this is something that affects us as well. According to that same article, approximately 81% of websites around the world use server programs that are vulnerable to the Heartbleed Bug. Quote:
What can I do?
Log out of all websites: email, social media, banking -- everything. But beyond that, it's a waiting game. The websites themselves need to update to a new version of the encryption software to fix the bug. That's why changing all your passwords right away isn't a good idea. Websites are all racing to fix the issue, and if you act too quickly, you might change your password on a site that is still vulnerable.
Well for starters, you sign in on here via your PSN identity which operates on their own set of encryption and such. I'm too tired to post entirely coherently, but the jist is that it does not affect us, the users of this website. Although with other sites the best idea is to change your password. By now the majority of sites have updated to the newest version and you should be able to change your password without fear.
Ok then. On the other hand, I still wonder what this means for Eve players and if CCP uses a separate encryption method that's not affected by this.
Dedicated Scout // Ninja Knifer
Everything I know about the Caldari I learned at Nouvelle Rouvenor
|
Maken Tosch
DUST University
Ivy League
7938
|
Posted - 2014.04.14 18:51:00 -
[3] - Quote
Kaminoikari wrote:I don't think CCP is as secure with their EvE forums. I don't play EvE or browse their place so I wouldn't know. If you do play EvE just change it to be sure.
Also: The reasoning behind my confidence at us PSN users not having to change our passwords is that we login to the DUST forums via a secure (encrypted) connection to the Playstation server(s), which is in turn relayed back to this site. We don't use separate IDs from our PSN one.
I do have a lot of confidence in CCP's security given the events that occurred during the past 4 years alone including the DDoS attack that affected both Sony and CCP. As far as I know as an individual, CCP's servers haven't been compromised during during it's entire 11 year history. However, in light of this recent bug that affects a lot of websites around the world, I couldn't help but feel nervous even after all the **** that CCP had endured and countered with its servers.
Dedicated Scout // Ninja Knifer
Everything I know about the Caldari I learned at Nouvelle Rouvenor
|
Maken Tosch
DUST University
Ivy League
7938
|
Posted - 2014.04.14 18:52:00 -
[4] - Quote
Thanks for the update. Hopefully this will put many players at ease.
Dedicated Scout // Ninja Knifer
Everything I know about the Caldari I learned at Nouvelle Rouvenor
|
|
|
| |
|