• An addendum to Rule 3 regarding fan-translated works of things such as Web Novels has been made. Please see here for details.
  • We've issued a clarification on our policy on AI-generated work.
  • Our mod selection process has completed. Please welcome our new moderators.
  • Due to issues with external spam filters, QQ is currently unable to send any mail to Microsoft E-mail addresses. This includes any account at live.com, hotmail.com or msn.com. Signing up to the forum with one of these addresses will result in your verification E-mail never arriving. For best results, please use a different E-mail provider for your QQ address.
  • For prospective new members, a word of warning: don't use common names like Dennis, Simon, or Kenny if you decide to create an account. Spammers have used them all before you and gotten those names flagged in the anti-spam databases. Your account registration will be rejected because of it.
  • Since it has happened MULTIPLE times now, I want to be very clear about this. You do not get to abandon an account and create a new one. You do not get to pass an account to someone else and create a new one. If you do so anyway, you will be banned for creating sockpuppets.
  • Due to the actions of particularly persistent spammers and trolls, we will be banning disposable email addresses from today onward.
  • The rules regarding NSFW links have been updated. See here for details.

PSA: Almost every server in the world may be compromised.

Malcolmo

Insert custom title here
Joined
Feb 19, 2013
Messages
15,159
Likes received
42,566
Saw this on SB reposted it here:
http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/

Lest readers think "catastrophic" is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet's Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the contents of confidential e-mails, and other sensitive data belonging to Yahoo Mail and almost certainly countless other services.

If anyone here has a password on Yahoo you may want to change it. Anywhere else and you'd have to wait till they fix it otherwise it won't make a difference.
 
If it's bad enough with Yahoo... Imagine how worse it'd be as 'countless other Services' could pretty much include any Service we use right now?
 
But didn't they say that this thing has been out there doing this for the last few years? That as catastrophic as this sounds we've not actually noticed anything until just recently.
 
Master of Squirrel-fu said:
But didn't they say that this thing has been out there doing this for the last few years? That as catastrophic as this sounds we've not actually noticed anything until just recently.
Which is why I'm just ignoring it.
 
Last edited by a moderator:
i heard it only affected ssl version 2.1 and up i think. Services using older versions of it or other security measures were unaffected. The problem is it is nearly impossible to figure out if a third party managed to see the information.
 
Last edited by a moderator:

Users who are viewing this thread

Back
Top