Editing Talk:1353: Heartbleed
Please sign your posts with ~~~~ |
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | |||
− | |||
I added a transcript, if I messed up on anything, I'm sorry! [[Special:Contributions/173.245.55.73|173.245.55.73]] 06:08, 9 April 2014 (UTC) | I added a transcript, if I messed up on anything, I'm sorry! [[Special:Contributions/173.245.55.73|173.245.55.73]] 06:08, 9 April 2014 (UTC) | ||
:Thanks for the transcript! (nothing seems messed up) [[Special:Contributions/141.101.88.206|141.101.88.206]] 06:41, 9 April 2014 (UTC) | :Thanks for the transcript! (nothing seems messed up) [[Special:Contributions/141.101.88.206|141.101.88.206]] 06:41, 9 April 2014 (UTC) | ||
Line 10: | Line 8: | ||
I'd just like to take this moment to say that even though you probably don't have anything of value stored here, Explain xkcd is good on the Heartbleed front. Not using any of the affected software because the data we handle isn't private at all probably helps with that. And yes, Mediawiki hashes your passwords before they're sent. '''[[User:Davidy22|<u>{{Color|#707|David}}<font color=#070 size=3>y</font></u><font color=#508 size=4>²²</font>]]'''[[User talk:Davidy22|<tt>[talk]</tt>]] 07:18, 9 April 2014 (UTC) | I'd just like to take this moment to say that even though you probably don't have anything of value stored here, Explain xkcd is good on the Heartbleed front. Not using any of the affected software because the data we handle isn't private at all probably helps with that. And yes, Mediawiki hashes your passwords before they're sent. '''[[User:Davidy22|<u>{{Color|#707|David}}<font color=#070 size=3>y</font></u><font color=#508 size=4>²²</font>]]'''[[User talk:Davidy22|<tt>[talk]</tt>]] 07:18, 9 April 2014 (UTC) | ||
− | |||
− | |||
Have the following from [http://www.openssl.org/news/secadv_20140407.txt OpenSSL Bug Report] | Have the following from [http://www.openssl.org/news/secadv_20140407.txt OpenSSL Bug Report] | ||
Line 36: | Line 32: | ||
:Actually, attack is limited to data in memory of the webserver PROCESS. Even on affected computers, other applications are safe and most of disk content is safe. Not speaking about the fact that in many cases, the public-facing webserver is just proxy cache before the real ones. The real problem is if someone immediately used the revealed data - either to impersonate the server or for example found the admin password and used it to copy the database ... which DOES leave traces. I agree with Cueball: there can be worse kind of bug. In fact, I'm sure that what Edward Snowden revealed is worse, although not technically bug. -- [[User:Hkmaly|Hkmaly]] ([[User talk:Hkmaly|talk]]) 10:18, 9 April 2014 (UTC) | :Actually, attack is limited to data in memory of the webserver PROCESS. Even on affected computers, other applications are safe and most of disk content is safe. Not speaking about the fact that in many cases, the public-facing webserver is just proxy cache before the real ones. The real problem is if someone immediately used the revealed data - either to impersonate the server or for example found the admin password and used it to copy the database ... which DOES leave traces. I agree with Cueball: there can be worse kind of bug. In fact, I'm sure that what Edward Snowden revealed is worse, although not technically bug. -- [[User:Hkmaly|Hkmaly]] ([[User talk:Hkmaly|talk]]) 10:18, 9 April 2014 (UTC) | ||
− | : Hkmaly -- Completely agree. Posted a [ | + | : Hkmaly -- Completely agree. Posted a [security.stackexchange.com/questions/55270/does-xkcd-com-1353-overstate-heartbleeds-capability similar discussion at security.stackexchange.com] and altered the text here to describe heartbleed in more detail. [[User:Jimbob|Jimbob]] ([[User talk:Jimbob|talk]]) 21:33, 9 April 2014 (UTC) |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |