Be Your Best

Announcement

Collapse
No announcement yet.

PheromoneXS Statement on The Heartbleed Bug

Collapse
X
Collapse

  • PheromoneXS Statement on The Heartbleed Bug

    Hey everyone,
    just wanted to let you know that The Heartbleed bug was patched a few hours after its release(2 days ago).
    As you know we always keep our servers and platforms secure and updated

    The Heartbleed is a defect in OpenSSL, a core cryptographic library that is used to protect communications on the Internet. This flaw affects a substantial number of applications and services running on the Internet.

    We have no evidence that PheromoneXS and DiscoverXS user credentials were compromised, but recommend that our customers change their passwords as a precautionary measure.

    Due to the widespread nature of this vulnerability, we recommend changing your passwords across the web too.

    For mobiles Google recently announced that andoid phones running Android OS newer than 4.1.1 are immune to this security flaw, but you should change your gmail login as soon as possible.

    More info on the Heartbleed Bug can be found here:

    The Heartbleed Hit List: The Passwords You Need to Change Right Now
    http://mashable.com/2014/04/09/heart...ites-affected/

    Google Services Updated to Address OpenSSL CVE-2014-0160 (the Heartbleed bug)
    http://googleonlinesecurity.blogspot...o-address.html

    'Heartbleed' bug undoes Web encryption, reveals Yahoo passwords
    http://www.cnet.com/news/heartbleed-...ser-passwords/

    Websites affected by Heartbleed: Change your Gmail, Facebook and Yahoo passwords soon
    http://tech.firstpost.com/news-analy...on-221526.html

    Massive Security Bug In OpenSSL Could Affect A Huge Chunk Of The Internet
    http://techcrunch.com/2014/04/07/mas...-the-internet/

    Tumblr - Urgent security update
    http://staff.tumblr.com/post/8211303...ecurity-update

    Google has patched most of its major services from the 'Heartbleed' security bug
    http://www.engadget.com/2014/04/09/g...ed-patch-info/

    What You Need to Know About Heartbleed, the New Security Bug Scaring the Internet
    http://www.thewire.com/technology/20...ternet/360366/


    Full list of affected sites and services:
    https://github.com/musalbas/heartble...er/top1000.txt


    Website to test is your bank / site / service vulnerable:
    http://filippo.io/Heartbleed/



    http://heartbleed.com/



    http://i.imgur.com/ZvVVbZq.jpg

    • SteveO
      #4
      SteveO commented
      Editing a comment
      From what our Bad-Ass Technical Mater, Mr. Idle explained to me this never really was an issue to us. I remember him going to some exceptional processes to make sure some "bug" that I never even heard of was corrected. I thought he was being a little paranoid until two days later. Then the proverbially hit the fan! My news-feed was bombardedwith this heartbleed thing so like I usually do I forwarded them to Idle.

      I really thought I had found something that Idle wasn't aware of because he never mentioned heartbleed the day he had fixed it. I thought that was just him keeping a lockdown on our server like he normally does. So to my surprise and much delight he said this is what he had already patched two days prior.

      I wanted everyone to know just how amazing Idle is, not to blow smoke, but to ensure you that you can rest easy knowing he is on the job. This guy updates every little thing like always. I'm kind of easy-going on stuff like updates, but I get it. The guy is a champ and we are fortunate to have him as a part of our community.

      There's a lot of out there but we have and to make

    • masterfu678
      #5
      masterfu678 commented
      Editing a comment
      the name and logo looks creepy

    • idle
      #6
      idle commented
      Editing a comment
      Wow thanks Steve

      So you finally agree with me that paranoid is a good thing when it comes to server security
      Sorry if anyone anytime experienced weird errors or problems for no reason(in the recent years) but this was coming from the overprotective security settings.

      as for the heart bleed
      when it was patched it was just knows as CVE-2014-0160
      At first i mention to Steve that another serous part of the server needs patching
      but he hears this almost every day along and does not pay attention to my stuff
      (he just know that something somewhere somehow was fixed and we have it)
      His reaction was funny the next day when Heart bleed blew out the news


      So here is another helpful image that is floating around


      http://i.imgur.com/ZvVVbZq.jpg


    Posting comments is disabled.

Latest Articles

Collapse

  • SOLVED: Power Outage at US Lab
    KateD
    I just spoke to Steve on whatsapp and was wondering,why the heck is he calling me on whatsapp. He said somebody crashed into a utility pole and they lost all power in the area. No internet, no phones, no air conditioning and it's already extremely hot.

    He's got this morning's orders printed with shipping labels and will do what he can do to get them out but without power he is not absolutely sure.

    He will keep me updated via whatsapp and I will do my best to keep you guys...
    07-18-2019, 09:39 AM
  • XS201 Goddess In Stock
    SteveO
    Just made Goddess an Artisan Selection here: https://pheromonexs.com/pheromones-f...goddess-w.html
    07-12-2019, 11:00 AM
  • EUphoricXS.com Updates
    SteveO
    Well the prototype of the updated shopping cart is up and running but we are working out some small glitches. If you decide to order only click on the submit order button once. You won't get a success page yet or even an order processing email. Should be corrected in the next couple hours. Those orders will be manually changed.

    There are lots of new features too. I'll start making some videos of the new and updated features. The US site will basically be the same thing so this is our...
    07-11-2019, 05:54 PM
  • NEW: FedEx 2 Day Priority (Includes Saturday)
    SteveO
    Domestic USA Only

    FedEx has partnered with us to allow Domestic USA Shipments 2 Day Priority anywhere in the Domestic 50 States at only $12.99. We're working on getting better International and USA Rates as well, or at least back to where they were. They have significantly increased our other rates for some reason.

    We added an option for FedEx 2 Day and yes this does include Saturday deliveries without any surcharges. Its a little bit more expensive than the USPS Priority...
    07-11-2019, 12:13 PM
  • Thursday July 4th Holiday
    SteveO
    Its a holiday on July 4th so no USA shipping

    Also on Friday Hayley and I will only be working a partial day. Friday only FedEx, Express and Priority orders will be shipping. We're not trying to work to hard so please take advantage of the economy free shipping...
    07-03-2019, 08:48 AM
  • New Labels
    SteveO
    I'm uploading new product images incorporating the new label designs and some other meaningful data.


    Here is how to read the label. The main color is the main GOALS color. The Blue, Pink or Orange small band will tell you the primary gender to use the blend (although every blend is basically gender neutral). We made the name vertical for an easier identification and selected an individual background image for each product. We kept our trademark of the XS Heart and removed any...
    06-26-2019, 09:48 AM

Working...
X