Overclock.net › Forums › Industry News › Software News › [AT] Critical Crypto Bug in OpenSSL Opens Two-Thirds of the Web to Eavesdropping
New Posts  All Forums:Forum Nav:

[AT] Critical Crypto Bug in OpenSSL Opens Two-Thirds of the Web to Eavesdropping - Page 4

post #31 of 54
Quote:
Originally Posted by phill1978 View Post

..Also I wouldn't be too surprised if this is one of the exact holes that the SS have been using around the world to intercept traffic.

I think the reference you want would be Gestapo.
Damage inc.
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 - 4790k @4.8 ASUS Maximus 7 Hero GIgabyte GTX980 G1 Corsair Vengeance DDR3-1866 
Hard DriveHard DriveOSKeyboard
Samsung 840 pro Crucial M500 240GB Win8.1 yes 
PowerMouse
Seasonic SS - 1050 logitech 
  hide details  
Reply
Damage inc.
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 - 4790k @4.8 ASUS Maximus 7 Hero GIgabyte GTX980 G1 Corsair Vengeance DDR3-1866 
Hard DriveHard DriveOSKeyboard
Samsung 840 pro Crucial M500 240GB Win8.1 yes 
PowerMouse
Seasonic SS - 1050 logitech 
  hide details  
Reply
post #32 of 54
Quote:
Originally Posted by DarthElvis View Post

I think the reference you want would be Gestapo.

Or the Stasi.
post #33 of 54
Quote:
Originally Posted by DuckieHo View Post

Basically, any communicated over the Internet utilizing OpenSSL may have been compromised.... so most of secure transmissions in everyday use.


The password reset is because someone could have gotten ARS's keys and performed a man-in-the-middle attack to steal your encrypted password.

Would websites give users a heads up that they've made the update and regenerated certs and CAs and that the user should should change passwords then; or am I still not getting the point? redface.gif
     
CPUGraphicsRAMHard Drive
Intel Core m3-6Y30 Intel HD515 8GB 1866DDR3L Micron M600 MTFDDAV256MBF M.2, 256 GB 
CoolingOSOSMonitor
Fanless Win10 Home x64 Kubuntu 16.04 (requires Linux kernel 4.5/4.6) 13.3 inch 16:9, 1920x1080 pixel, AU Optronics A... 
CPUMotherboardGraphicsRAM
AthlonIIX4 640 3.62GHz (250x14.5) 2.5GHz NB Asus M4A785TD-M EVO MSI GTX275 (Stock 666) 8GBs of GSkill 1600 
RAMHard DriveHard DriveHard Drive
4GBs of Adata 1333 Kingston HyperX 3k 120GB WD Caviar Black 500GB Hitachi Deskstar 1TB 
Optical DriveCoolingOSOS
LG 8X BDR (WHL08S20) Cooler Master Hyper 212+ Kubuntu x64 Windows 7 x64 
OSMonitorPowerCase
Bodhi Linux x64 Acer G215H (1920x1080) Seasonic 520 HAF912 
CPUMotherboardGraphicsRAM
N450 1.8GHz AC and 1.66GHz batt ASUS proprietary for 1001P GMA3150 (can play bluray now!?) 1GB DDR2 
Hard DriveOptical DriveOSOS
160GB LGLHDLBDRE32X Bodhi Linux Fedora LXDE 
OSOSMonitorKeyboard
Kubuntu SLAX 1280x600 + Dell 15inch Excellent! 
PowerCase
6 cells=6-12hrs and a charger 1001P MU17 Black 
  hide details  
Reply
     
CPUGraphicsRAMHard Drive
Intel Core m3-6Y30 Intel HD515 8GB 1866DDR3L Micron M600 MTFDDAV256MBF M.2, 256 GB 
CoolingOSOSMonitor
Fanless Win10 Home x64 Kubuntu 16.04 (requires Linux kernel 4.5/4.6) 13.3 inch 16:9, 1920x1080 pixel, AU Optronics A... 
CPUMotherboardGraphicsRAM
AthlonIIX4 640 3.62GHz (250x14.5) 2.5GHz NB Asus M4A785TD-M EVO MSI GTX275 (Stock 666) 8GBs of GSkill 1600 
RAMHard DriveHard DriveHard Drive
4GBs of Adata 1333 Kingston HyperX 3k 120GB WD Caviar Black 500GB Hitachi Deskstar 1TB 
Optical DriveCoolingOSOS
LG 8X BDR (WHL08S20) Cooler Master Hyper 212+ Kubuntu x64 Windows 7 x64 
OSMonitorPowerCase
Bodhi Linux x64 Acer G215H (1920x1080) Seasonic 520 HAF912 
CPUMotherboardGraphicsRAM
N450 1.8GHz AC and 1.66GHz batt ASUS proprietary for 1001P GMA3150 (can play bluray now!?) 1GB DDR2 
Hard DriveOptical DriveOSOS
160GB LGLHDLBDRE32X Bodhi Linux Fedora LXDE 
OSOSMonitorKeyboard
Kubuntu SLAX 1280x600 + Dell 15inch Excellent! 
PowerCase
6 cells=6-12hrs and a charger 1001P MU17 Black 
  hide details  
Reply
post #34 of 54
Wow this is crazy. I assume this effects crypto-currency wallets as well? Could lead to some serious trouble in that segment...
Project Arch
(16 items)
 
BigByte
(8 items)
 
Macbook Pro
(8 items)
 
CPUMotherboardGraphicsRAM
Intel i7 5960x @ 4.8ghz Asus X99-E WS 2 x Nvidia Quadro K6000 Corsair Dominator Platinum 64gb 2666 
Hard DriveCoolingOSMonitor
2 x Samsung 850 Pro 512gb {RAID 0} Swiftech H320 w/ Noctua NF-F12 iPPC Arch Linux w/ OpenBox 2 x LG 31MU97 Cinema 4K 
KeyboardPowerCaseMouse
Vortex KBC Poker II PBT EVGA SuperNOVA 1000 G2 Corsair Obsidian 450D Zowie FK1 
Mouse PadAudioAudioOther
Steelseries QCK+ Beyerdynamic DT 770 Pro 80Ω Audioengine D1 Intel X540-T2 NIC 
CPUMotherboardRAMHard Drive
Intel Avoton C2750 Octa-Core ASRock C2750D4I Samsung 64gb ECC 1600mhz 8 x Samsung 850 Pro 1TB 
OSPowerCaseOther
FreeNAS SilverStone ST45SF-G 450w SilverStone DS380 Intel X540-T2 NIC 
CPUGraphicsGraphicsRAM
Intel i7-4960HQ Intel Iris 5200 Pro NVIDIA GT 750M 2gb 16gb (2x8gb) 1600mhz 
Hard DriveMonitorMouseMouse Pad
1tb PCIe SSD 15.4" {2880x1800} IPS SteelSeries Sensei [RAW] SteelSeries QcK Mini 
  hide details  
Reply
Project Arch
(16 items)
 
BigByte
(8 items)
 
Macbook Pro
(8 items)
 
CPUMotherboardGraphicsRAM
Intel i7 5960x @ 4.8ghz Asus X99-E WS 2 x Nvidia Quadro K6000 Corsair Dominator Platinum 64gb 2666 
Hard DriveCoolingOSMonitor
2 x Samsung 850 Pro 512gb {RAID 0} Swiftech H320 w/ Noctua NF-F12 iPPC Arch Linux w/ OpenBox 2 x LG 31MU97 Cinema 4K 
KeyboardPowerCaseMouse
Vortex KBC Poker II PBT EVGA SuperNOVA 1000 G2 Corsair Obsidian 450D Zowie FK1 
Mouse PadAudioAudioOther
Steelseries QCK+ Beyerdynamic DT 770 Pro 80Ω Audioengine D1 Intel X540-T2 NIC 
CPUMotherboardRAMHard Drive
Intel Avoton C2750 Octa-Core ASRock C2750D4I Samsung 64gb ECC 1600mhz 8 x Samsung 850 Pro 1TB 
OSPowerCaseOther
FreeNAS SilverStone ST45SF-G 450w SilverStone DS380 Intel X540-T2 NIC 
CPUGraphicsGraphicsRAM
Intel i7-4960HQ Intel Iris 5200 Pro NVIDIA GT 750M 2gb 16gb (2x8gb) 1600mhz 
Hard DriveMonitorMouseMouse Pad
1tb PCIe SSD 15.4" {2880x1800} IPS SteelSeries Sensei [RAW] SteelSeries QcK Mini 
  hide details  
Reply
post #35 of 54
Quote:
Originally Posted by DizZz View Post

Wow this is crazy. I assume this effects crypto-currency wallets as well? Could lead to some serious trouble in that segment...

Only if you transfer the your coin codes through SSL and connection was compromised.
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #36 of 54
Quote:
Originally Posted by Rookie1337 View Post

Would websites give users a heads up that they've made the update and regenerated certs and CAs and that the user should should change passwords then; or am I still not getting the point? redface.gif

This.

I'm a bit worried, as if I were a criminal hacker, given this backdoor through secure connections, I'd be targetting the big players first. Google, Facebook, all the banks I could think of. Unless there is some kind of additional security at the bigger sites that protect them? I mean, how does the exploit work exactly? Does it require installing code on the server, or just sending it the right dodgy string of data?
Little Beast
(12 items)
 
Black 'n' blue II
(15 items)
 
 
CPUGraphicsRAMHard Drive
Intel Core i7-4710MQ Nvidia Geforce GTX860M 2GB 16GB Kingston DDR3 1600MHz 240Gb Silicon Power S55/S60 SSD 
Hard DriveOSOSMonitor
1Tb Toshiba HDD 5400rpm Windows 8.1 Linux Mint 18 17.3" LED 1920x1080 
CaseMouseMouse PadAudio
PCSpecialist Optimus V ST17-860 Logitech MX518 Steelseries QcK Creative HS800 Fatal1ty 
CPUMotherboardGraphicsRAM
Core i7 860 @ 1.25V MSI P55-GD65 Xpertvision Radeon HD4850 4GB G.Skill Ripjaw 
Hard DriveOptical DriveCoolingOS
150Gb Velociraptor & 1Tb WD Caviar Black Opticon Lightscribe DVD-RW DL Noctua NH-U12P SE2 Vista Home Premium x64 
MonitorKeyboardPowerCase
Hyundai BlueH H224W 22" LCD Saitek Eclipse II Thermaltake Purepower RX 550 Galaxy III 
Mouse
Patuoxun optical gaming mouse 3200dpi 
  hide details  
Reply
Little Beast
(12 items)
 
Black 'n' blue II
(15 items)
 
 
CPUGraphicsRAMHard Drive
Intel Core i7-4710MQ Nvidia Geforce GTX860M 2GB 16GB Kingston DDR3 1600MHz 240Gb Silicon Power S55/S60 SSD 
Hard DriveOSOSMonitor
1Tb Toshiba HDD 5400rpm Windows 8.1 Linux Mint 18 17.3" LED 1920x1080 
CaseMouseMouse PadAudio
PCSpecialist Optimus V ST17-860 Logitech MX518 Steelseries QcK Creative HS800 Fatal1ty 
CPUMotherboardGraphicsRAM
Core i7 860 @ 1.25V MSI P55-GD65 Xpertvision Radeon HD4850 4GB G.Skill Ripjaw 
Hard DriveOptical DriveCoolingOS
150Gb Velociraptor & 1Tb WD Caviar Black Opticon Lightscribe DVD-RW DL Noctua NH-U12P SE2 Vista Home Premium x64 
MonitorKeyboardPowerCase
Hyundai BlueH H224W 22" LCD Saitek Eclipse II Thermaltake Purepower RX 550 Galaxy III 
Mouse
Patuoxun optical gaming mouse 3200dpi 
  hide details  
Reply
post #37 of 54
Quote:
Originally Posted by phill1978 View Post

evidence please, i scoured the sites and didn't see mention of Yahoo specifically although I am not denying they are vulnerable i would like you to show a list or the claimant

Thanks.


btw ubuntu based distro's (mint) were patched very quickly last night.

type openssl version -a in your terminal and look at the version, it should be 1.0.1e but dont wory about the 2013 date, the build date was 7th April 2014

I did get a warning from Yahoo the other day that someone was trying to access my account from somewhere in China.
The Sleeper
(10 items)
 
 
Sony Xperia Z3
(7 items)
 
CPUMotherboardGraphicsGraphics
AMD FX 8320  Asus Sabertooth 990FX R2.0 MSI Radeon 7950 MSI Radeon 7950 
RAMHard DriveCoolingOS
8GB Crucial Ballistix Sport 1600mhz Samsung 470 SSD Corsair H80i Windows 7 64 Bit Home Premium 
PowerCase
Corsair HX850 Coolermaster HAF 932 
CPUMotherboardGraphicsRAM
Intel SU7300 Core2Duo 1.6 Ghz Alienware OEM Nvidia 335m 8 GB PNY memory 
Hard DriveOSMonitor
Samsing 840 SSD Windows 7 Home Premium 64-Bit Generic PNP monitor @ 75hz 
CPUGraphicsRAMHard Drive
Snapdragon 801 @ 2.5 Ghz Adreno 330 3 GB 32 GB  
CoolingOSMonitor
Blow on it Android 4.4.4 1920x1080 LCD 
  hide details  
Reply
The Sleeper
(10 items)
 
 
Sony Xperia Z3
(7 items)
 
CPUMotherboardGraphicsGraphics
AMD FX 8320  Asus Sabertooth 990FX R2.0 MSI Radeon 7950 MSI Radeon 7950 
RAMHard DriveCoolingOS
8GB Crucial Ballistix Sport 1600mhz Samsung 470 SSD Corsair H80i Windows 7 64 Bit Home Premium 
PowerCase
Corsair HX850 Coolermaster HAF 932 
CPUMotherboardGraphicsRAM
Intel SU7300 Core2Duo 1.6 Ghz Alienware OEM Nvidia 335m 8 GB PNY memory 
Hard DriveOSMonitor
Samsing 840 SSD Windows 7 Home Premium 64-Bit Generic PNP monitor @ 75hz 
CPUGraphicsRAMHard Drive
Snapdragon 801 @ 2.5 Ghz Adreno 330 3 GB 32 GB  
CoolingOSMonitor
Blow on it Android 4.4.4 1920x1080 LCD 
  hide details  
Reply
post #38 of 54
Just found this - https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt, clears up some fears for me. Gotta watch that password reuse though peeps!

http://xkcd.com/792
Little Beast
(12 items)
 
Black 'n' blue II
(15 items)
 
 
CPUGraphicsRAMHard Drive
Intel Core i7-4710MQ Nvidia Geforce GTX860M 2GB 16GB Kingston DDR3 1600MHz 240Gb Silicon Power S55/S60 SSD 
Hard DriveOSOSMonitor
1Tb Toshiba HDD 5400rpm Windows 8.1 Linux Mint 18 17.3" LED 1920x1080 
CaseMouseMouse PadAudio
PCSpecialist Optimus V ST17-860 Logitech MX518 Steelseries QcK Creative HS800 Fatal1ty 
CPUMotherboardGraphicsRAM
Core i7 860 @ 1.25V MSI P55-GD65 Xpertvision Radeon HD4850 4GB G.Skill Ripjaw 
Hard DriveOptical DriveCoolingOS
150Gb Velociraptor & 1Tb WD Caviar Black Opticon Lightscribe DVD-RW DL Noctua NH-U12P SE2 Vista Home Premium x64 
MonitorKeyboardPowerCase
Hyundai BlueH H224W 22" LCD Saitek Eclipse II Thermaltake Purepower RX 550 Galaxy III 
Mouse
Patuoxun optical gaming mouse 3200dpi 
  hide details  
Reply
Little Beast
(12 items)
 
Black 'n' blue II
(15 items)
 
 
CPUGraphicsRAMHard Drive
Intel Core i7-4710MQ Nvidia Geforce GTX860M 2GB 16GB Kingston DDR3 1600MHz 240Gb Silicon Power S55/S60 SSD 
Hard DriveOSOSMonitor
1Tb Toshiba HDD 5400rpm Windows 8.1 Linux Mint 18 17.3" LED 1920x1080 
CaseMouseMouse PadAudio
PCSpecialist Optimus V ST17-860 Logitech MX518 Steelseries QcK Creative HS800 Fatal1ty 
CPUMotherboardGraphicsRAM
Core i7 860 @ 1.25V MSI P55-GD65 Xpertvision Radeon HD4850 4GB G.Skill Ripjaw 
Hard DriveOptical DriveCoolingOS
150Gb Velociraptor & 1Tb WD Caviar Black Opticon Lightscribe DVD-RW DL Noctua NH-U12P SE2 Vista Home Premium x64 
MonitorKeyboardPowerCase
Hyundai BlueH H224W 22" LCD Saitek Eclipse II Thermaltake Purepower RX 550 Galaxy III 
Mouse
Patuoxun optical gaming mouse 3200dpi 
  hide details  
Reply
post #39 of 54
Quote:
all the banks I could think of.
Yup...sadly this means I have to work at work and worry about this stuff frown.gif
/* Redemption*/
(14 items)
 
  
CPUMotherboardGraphicsRAM
I7 3930K Asus Sabertooth Asus GTX 680 8x4GB G.Skill@1337MHz 
Hard DriveOptical DriveCoolingOS
2xM4 64GB/ / F3 - 1TB / 2x2TB Baracudas some LG Modified EK 360 HFX 2x(Win7 x64) 
MonitorKeyboardPowerCase
SyncMaster P2770HD and SyncMaster 940NW Roccat Isku Corsair Gold AX750 NZXT 810 Switch 
MouseMouse Pad
Rocat Kone[+] Razer exactmat X 
  hide details  
Reply
/* Redemption*/
(14 items)
 
  
CPUMotherboardGraphicsRAM
I7 3930K Asus Sabertooth Asus GTX 680 8x4GB G.Skill@1337MHz 
Hard DriveOptical DriveCoolingOS
2xM4 64GB/ / F3 - 1TB / 2x2TB Baracudas some LG Modified EK 360 HFX 2x(Win7 x64) 
MonitorKeyboardPowerCase
SyncMaster P2770HD and SyncMaster 940NW Roccat Isku Corsair Gold AX750 NZXT 810 Switch 
MouseMouse Pad
Rocat Kone[+] Razer exactmat X 
  hide details  
Reply
post #40 of 54
Huh, 4 pages of talk about a massive internet security breach and not one mention of it being a secret NSA plot to steal Christmas from the orphans or something. Your slipping internet.
The Sleeper
(10 items)
 
 
Sony Xperia Z3
(7 items)
 
CPUMotherboardGraphicsGraphics
AMD FX 8320  Asus Sabertooth 990FX R2.0 MSI Radeon 7950 MSI Radeon 7950 
RAMHard DriveCoolingOS
8GB Crucial Ballistix Sport 1600mhz Samsung 470 SSD Corsair H80i Windows 7 64 Bit Home Premium 
PowerCase
Corsair HX850 Coolermaster HAF 932 
CPUMotherboardGraphicsRAM
Intel SU7300 Core2Duo 1.6 Ghz Alienware OEM Nvidia 335m 8 GB PNY memory 
Hard DriveOSMonitor
Samsing 840 SSD Windows 7 Home Premium 64-Bit Generic PNP monitor @ 75hz 
CPUGraphicsRAMHard Drive
Snapdragon 801 @ 2.5 Ghz Adreno 330 3 GB 32 GB  
CoolingOSMonitor
Blow on it Android 4.4.4 1920x1080 LCD 
  hide details  
Reply
The Sleeper
(10 items)
 
 
Sony Xperia Z3
(7 items)
 
CPUMotherboardGraphicsGraphics
AMD FX 8320  Asus Sabertooth 990FX R2.0 MSI Radeon 7950 MSI Radeon 7950 
RAMHard DriveCoolingOS
8GB Crucial Ballistix Sport 1600mhz Samsung 470 SSD Corsair H80i Windows 7 64 Bit Home Premium 
PowerCase
Corsair HX850 Coolermaster HAF 932 
CPUMotherboardGraphicsRAM
Intel SU7300 Core2Duo 1.6 Ghz Alienware OEM Nvidia 335m 8 GB PNY memory 
Hard DriveOSMonitor
Samsing 840 SSD Windows 7 Home Premium 64-Bit Generic PNP monitor @ 75hz 
CPUGraphicsRAMHard Drive
Snapdragon 801 @ 2.5 Ghz Adreno 330 3 GB 32 GB  
CoolingOSMonitor
Blow on it Android 4.4.4 1920x1080 LCD 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [AT] Critical Crypto Bug in OpenSSL Opens Two-Thirds of the Web to Eavesdropping