raymac46 · Posted April 17, 2014
BTW the RCMP have nailed the perpetrator of the Heartbleed affair at Canada Revenue. 19-year-old script kiddie, computer science student at University of Western Ontario. Did not cover his tracks very well. His dad is a computer science prof so the kid should have known better, or at least how to cover his tracks better.

ross549 · Posted April 17, 2014
Alas, since there is no way to tell when a site is attacked (to my knowledge it leaves no traces), we have no way to know whether a site we've visited/registered for has been compromised or not.
Adam

crp · Posted April 17, 2014
I have not had any of the web sites I frequent contact me suggesting I change my password.

Temmu · Posted April 17, 2014
heartbleed is dragging on far longer than i'd like...

V.T. Eric Layton · Posted April 17, 2014
Heartbleed is giving Internet security a nosebleed.

ross549 · Posted April 17, 2014
"I have not had any of the web sites I frequent contact me suggesting I change my password."
I've gotten two so far. One from an online store, and the other from an app developer. I'd think I would get more.
Adam

V.T. Eric Layton · Posted April 17, 2014
The only one I got was from Tumblr.
sunrat (Author) · Posted April 18, 2014
Looks like a few more people are scrutinising the code now. Another new security update for OpenSSL in Debian today - http://forums.scotsnewsletter.com/index.php?showtopic=22937&st=700#entry394878

Guest LilBambi · Posted April 18, 2014
Excellent!
ross549 · Posted April 18, 2014
I heard something somewhere that one of the BSDs was going to tear the code down and sift through the code with a fine tooth comb. I can't look it up here in class, since our internet access is heavily filtered.

zlim · Posted April 18, 2014
I've only received one so far from fastmail.fm, an email account.
crp · Posted April 18, 2014
Seems to me that the initial 'rush of panic' has been overtaken by admins realizing that wait-a-sec, that version range of OpenSSL is not in operation or that the firewall is taking care of protecting the site. If you look at what it took for the Moscow group to break into the CloudFlare server to get the keys, one finds the CloudFlare firewall was not set up to detect repeated knocking and that it took the Moscow group over 9 hours with optimal setups for getting the keys. So, not that the code goof isn't/wasn't a problem, just the real-world facts are such that a lot less people were affected. btw: i keep reading that a Heartbleed siphoning can not be detected, it seems to me the logs can be checked to see if there are dozens of attempts to connect within a minute. Why a firewall setup would allow for that to begin with is another question
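The detection idea in the post above (the heartbeat exchange itself leaves no application-level log entry, but a key-extraction attempt needs many TLS connections from one source in a short time, which firewall or connection logs do record) can be checked mechanically. The script below is an added example, not code from the thread or any project mentioned in it: it parses constructed netfilter-style ACCEPT lines (a hypothetical log layout; the regex must be adapted to the real firewall's format) and reports any source address that opened more than a threshold of connections to port 443 inside any sliding 60-second window.

```python
"""Flag source IPs that open many TLS connections within a one-minute window.

Added example for rate-based Heartbleed-style detection over firewall logs.
Assumes lines are in chronological order and use a netfilter-like layout.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical firewall log layout; adapt this pattern to your own firewall.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ kernel: ACCEPT "
    r"SRC=(?P<src>[\d.]+) DST=[\d.]+ PROTO=TCP DPT=(?P<dpt>\d+)"
)


def parse_line(line, year=2014):
    """Return (timestamp, source_ip, dest_port) or None for non-matching lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # Syslog timestamps carry no year, so one is supplied (assumption: 2014).
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["src"], int(m["dpt"])


def peak_connections_per_window(lines, port=443, window_seconds=60):
    """Map each source IP to its peak connection count to `port`
    within any sliding window of `window_seconds`."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # src -> timestamps still inside the window
    peak = defaultdict(int)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, src, dpt = parsed
        if dpt != port:
            continue
        q = recent[src]
        q.append(ts)
        # Drop timestamps that fell out of the window ending at `ts`.
        while ts - q[0] > window:
            q.popleft()
        peak[src] = max(peak[src], len(q))
    return dict(peak)


def flag_bursty_sources(log_text, threshold=20, **kw):
    """Return sorted (src, peak_count) pairs at or above `threshold`."""
    peaks = peak_connections_per_window(log_text.splitlines(), **kw)
    return sorted((src, n) for src, n in peaks.items() if n >= threshold)


def build_sample_log():
    """Constructed sample: 203.0.113.7 opens 40 TLS connections in under
    50 s, 192.0.2.44 opens 3, and 192.0.2.99 connects once to port 80."""
    base = datetime(2014, 4, 18, 10, 0, 0)

    def line(offset, src, dpt=443):
        ts = (base + timedelta(seconds=offset)).strftime("%b %d %H:%M:%S")
        return (f"{ts} fw kernel: ACCEPT SRC={src} DST=198.51.100.10 "
                f"PROTO=TCP DPT={dpt}")

    events = [(int(i * 1.25), "203.0.113.7") for i in range(40)]  # 0..48 s
    events += [(5, "192.0.2.44"), (30, "192.0.2.44"), (55, "192.0.2.44")]
    events += [(12, "192.0.2.99", 80)]
    events.sort(key=lambda e: e[0])
    return "\n".join(line(*e) for e in events)


if __name__ == "__main__":
    for src, n in flag_bursty_sources(build_sample_log()):
        print(f"{src}: {n} connections to 443 within 60 s")
```

The threshold is a tuning knob: a busy site will see legitimate clients (or a NAT gateway) open several connections a minute, so the value should come from that site's own baseline rather than a fixed number. The example deliberately ignores what is inside the TLS sessions, which is exactly what is unobservable without an inspecting proxy or IDS.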
ross549 · Posted April 18, 2014
Good point. I think it was meant to be said that the server would not have any logs of the "intrusion" but mentioned nothing about firewalls. The attacker would need to send malformed UDP packets to the server. As far as I know, TLS over UDP is not something that is widely used, so the firewall could be easily set to block UDP TLS packets.