Tweet
just wanted to let you know that The Heartbleed bug was patched a few hours after its release(2 days ago).
As you know we always keep our servers and platforms secure and updated
The Heartbleed is a defect in OpenSSL, a core cryptographic library that is used to protect communications on the Internet. This flaw affects a substantial number of applications and services running on the Internet.
We have no evidence that PheromoneXS and DiscoverXS user credentials were compromised, but recommend that our customers change their passwords as a precautionary measure.
Due to the widespread nature of this vulnerability, we recommend changing your passwords across the web too.
For mobiles Google recently announced that andoid phones running Android OS newer than 4.1.1 are immune to this security flaw, but you should change your gmail login as soon as possible.
More info on the Heartbleed Bug can be found here:
The Heartbleed Hit List: The Passwords You Need to Change Right Now
http://mashable.com/2014/04/09/heart...ites-affected/
Google Services Updated to Address OpenSSL CVE-2014-0160 (the Heartbleed bug)
http://googleonlinesecurity.blogspot...o-address.html
'Heartbleed' bug undoes Web encryption, reveals Yahoo passwords
http://www.cnet.com/news/heartbleed-...ser-passwords/
Websites affected by Heartbleed: Change your Gmail, Facebook and Yahoo passwords soon
http://tech.firstpost.com/news-analy...on-221526.html
Massive Security Bug In OpenSSL Could Affect A Huge Chunk Of The Internet
http://techcrunch.com/2014/04/07/mas...-the-internet/
Tumblr - Urgent security update
http://staff.tumblr.com/post/8211303...ecurity-update
Google has patched most of its major services from the 'Heartbleed' security bug
http://www.engadget.com/2014/04/09/g...ed-patch-info/
What You Need to Know About Heartbleed, the New Security Bug Scaring the Internet
http://www.thewire.com/technology/20...ternet/360366/
Full list of affected sites and services:
https://github.com/musalbas/heartble...er/top1000.txt
Website to test is your bank / site / service vulnerable:
I really thought I had found something that Idle wasn't aware of because he never mentioned heartbleed the day he had fixed it. I thought that was just him keeping a lockdown on our server like he normally does. So to my surprise and much delight he said this is what he had already patched two days prior.
I wanted everyone to know just how amazing Idle is, not to blow smoke, but to ensure you that you can rest easy knowing he is on the job. This guy updates every little thing like always. I'm kind of easy-going on stuff like updates, but I get it. The guy is a champ and we are fortunate to have him as a part of our community.
There's a lot of :minecraft: out there but we have
So you finally agree with me that paranoid is a good thing when it comes to server security
Sorry if anyone anytime experienced weird errors or problems for no reason(in the recent years) but this was coming from the overprotective security settings.
as for the heart bleed
when it was patched it was just knows as CVE-2014-0160
At first i mention to Steve that another serous part of the server needs patching
but he hears this almost every day along and does not pay attention to my stuff
(he just know that something somewhere somehow was fixed and we have it)
His reaction was funny the next day when Heart bleed blew out the news
So here is another helpful image that is floating around