The Powder Toy

Heartbleed Bug

  • NF     12th Apr 2014 Member 0 Permalink
    This post has been removed
  • Box-Poorsoft     12th Apr 2014 Banned 1 Permalink
    This post is hidden because the user is banned
  • h4zardz1     12th Apr 2014 Member 0 Permalink
    This post has been removed
  • CeeJayBee     12th Apr 2014 Member 0 Permalink
    This post has been removed
  • h4zardz1     12th Apr 2014 Member 0 Permalink
    This post has been removed
  • therocketeer     12th Apr 2014 Member 0 Permalink
    inb4 post removed
  • jacob1     12th Apr 2014 Developer 0 Permalink
    I left it unlocked in case anyone has serious questions about the bug, since it is pretty major. Don't go offtopic.

    I highly doubt any TPT passwords got stolen, but feel free to change your password if you are worried. The main powdertoy.co.uk website wasn't vulnerable, no idea about anything else, probably not that either based on what Simon said.

    It might be a good idea to change passwords elsewhere though, such as minecraft passwords, or email passwords. You never know, because after the bug got attention i'm sure many people tried abusing it.
    Edited once by jacob1. Last: 12th Apr 2014
  • zBuilder     13th Apr 2014 Member 0 Permalink

    if the client does not authenticate using TLS with the OpenSSL libaray, it should be fine. if the server has an up-to-date version of OpenSSL the only problem that might arise is if it had been significantly comprimised at some time prior to the patch(which is not possible to detect,unfortunately). if no part uses OpenSSL at all, the issue doesn't affect Powdertoy.

  • OC39648     13th Apr 2014 Member 2 Permalink

     

  • CeeJayBee     13th Apr 2014 Member 0 Permalink

    @OC39648 (View Post)


     Yay, someone actually reads xkcd.


    Also, didn't he already do a comic about Heartbleed on Wednesday?


    EDIT: Yup, http://xkcd.com/1353/


    Our imaginations are safe!

    Edited 5 times by CeeJayBee. Last: 13th Apr 2014
You need to login before you can post replies