What is "Heartbleed"

Initiate
User avatar
Posts: 389
Joined: Sun Jul 22, 2012 3:04 am

PostWed Apr 09, 2014 5:27 pm » by flsts1


Anybody heard of this??? Apparently it's been in play for a couple of years.
I ain't tech savvy so perhaps you gurus out there can shed some light...
'Heartbleed' bug undoes Web encryption, reveals Yahoo passwords

A flaw in software that's widely used to secure Web communications means that passwords and other highly sensitive data could be exposed. Some say they've already found hundreds of Yahoo passwords.

by Stephen Shankland

@stshank
/April 8, 2014 2:55 AM PDT


http://www.cnet.com/news/heartbleed-bug ... passwords/
Try not to become a man of success but a man of value.
Albert Einstein

Conspirator
User avatar
Posts: 2316
Joined: Sun Aug 01, 2010 9:46 am

PostWed Apr 09, 2014 9:13 pm » by Cosmine


It's a great program to know if you're being hacked.....

Kinda like a caller id on the phone.


It could be used for mischief too...

The problem is a hole discovered in the most popular form of encryption used by web servers.

A bug in software used by millions of web servers could have exposed anyone visiting sites they hosted to spying and eavesdropping, say researchers.
The bug is in a software library used in servers, operating systems and email and instant messaging systems.
Called OpenSSL the software is supposed to protect sensitive data as it travels back and forth.
It is not clear how widespread exploitation of the bug has been because attacks leave no trace.
"If you need strong anonymity or privacy on the internet, you might want to stay away from the internet entirely for the next few days while things settle," said a blog entry about the bug published by the Tor Project which produces software that helps people avoid scrutiny of their browsing habits.
Statistics from netcraft say that 500,000 web servers run this software.
The Heartbleed bug can link just about any information from security keys to the actual content of your message.
What really annoys me is that the vulnerability was inserted in 2011.
Stuff like this is unacceptable. The security of the internet is simply too low for the average user. And the NSA is partly to blame. Although most of the blame can be put on tech companies, because their business models reward new features, but there is no financial reward for fixing bugs.

http://m.dailykos.com/story/2014/04/08/ ... a-few-days


:cheers:
Image
Cosmine's cohost...:M8


Upload to Disclose.tv




Vocasti! :twisted:

Super Moderator
User avatar
Posts: 18263
Joined: Thu Jul 22, 2010 4:20 am
Location: underneath the circumstances

PostThu Apr 10, 2014 6:39 pm » by The57ironman


flsts1 wrote:Anybody heard of this??? Apparently it's been in play for a couple of years.
I ain't tech savvy so perhaps you gurus out there can shed some light...
'Heartbleed' bug undoes Web encryption, reveals Yahoo passwords

A flaw in software that's widely used to secure Web communications means that passwords and other highly sensitive data could be exposed. Some say they've already found hundreds of Yahoo passwords.

by Stephen Shankland

@stshank
/April 8, 2014 2:55 AM PDT


http://www.cnet.com/news/heartbleed-bug ... passwords/

.

.....HEARTBLEED..?
... :peep: ..first i heard of it.. :peep:


The government considers this merging of government and corporate operations – basically corporatism, as Mussolini defined it – so essential Senator Jay Rockefeller tried to get the Cybersecurity Act of 2013 added as an amendment to the National Defense Authorization Act.




Upload to Disclose.tv


https://www.youtube.com/watch?v=oAJNnowrxSA
.

.....you can educate the ignorant...but there's no fk'n helping the stupid.

.

Initiate
User avatar
Posts: 389
Joined: Sun Jul 22, 2012 3:04 am

PostFri Apr 11, 2014 4:01 am » by flsts1


I wonder if this had anything to do with it....
By ERIC TUCKER, Associated Press

4 Billion: Bogus Tax Refunds a Growing Problem

"WASHINGTON (AP) — An Internet connection and a bunch of stolen identities are all it takes for crooks to collect billions of dollars in bogus federal tax refunds. And the scam is proving too pervasive to stop.

A government report released in November said the IRS issued nearly $4 billion in fraudulent tax refunds over the previous year to thieves who were using other people's personal information. Attorney General Eric Holder said this week that the "scale, scope and execution of these fraud schemes" has grown substantially and the Justice Department in the past year has charged 880 people.

Who's involved? In a video message released ahead of the April 15 tax filing deadline, Holder said the scams "are carried out by a variety of actors, from greedy tax return preparers to identity brokers who profit from the sale of personal information to gangs and drug rings looking for easy access to cash..."
read more...

http://hosted2-2.ap.org/CIGFP/e854a8db3 ... 973179c157
Thanks for all your input, guy's!
As far as I can deciepher is that it was screwing with Instant Messaging platforms...
Although when I was frequenting various site's, a message would pop up stating that they were dealing with "Bleedheart"
Try not to become a man of success but a man of value.
Albert Einstein

Super Moderator
User avatar
Posts: 18263
Joined: Thu Jul 22, 2010 4:20 am
Location: underneath the circumstances

PostFri Apr 11, 2014 1:54 pm » by The57ironman


.

...i wish i could give a sh*t what Eric Holder has to say.. :mrcool:

.
.

.....you can educate the ignorant...but there's no fk'n helping the stupid.

.

Initiate
User avatar
Posts: 193
Joined: Sun Aug 25, 2013 3:44 pm
Location: Destroying Uranus (Pew Pew)

PostSat Apr 12, 2014 4:55 pm » by Rumpleforeskin


likely a nsa funded cell.

Skynet cant become aware quick enough to re balance the scale.
That or zombie plague.
Or hostile alien bug invasion.

Just give me something to smash, chop, or shoot.
"If you ask me, beer is no different then piss, that stuff will never get you drunk. A Real man takes Rum."


Upload to Disclose.tv


Initiate
User avatar
Posts: 389
Joined: Sun Jul 22, 2012 3:04 am

PostSun Apr 13, 2014 2:54 pm » by flsts1


Here's a link to mashable.
In it they give a pretty comprehensive list of companies that they recommend to reset your passwords with.
"The Heartbleed Hit List: The Passwords You Need to Change Right Now"
http://mashable.com/2014/04/09/heartble ... affected/#
Try not to become a man of success but a man of value.
Albert Einstein



Visit Disclose.tv on Facebook