Welcome Guest.   Make a donation to an author on the site April 20, 2014, 12:58:57 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Free DonationCoder.com Member Kit: Submit Request.
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: Prev 1 [2]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: Are your websites secure? The heartbleed bug  (Read 1999 times)
TaoPhoenix
Supporting Member
**
Posts: 3,219



Making a Post, Editing it twice to make it nice.

see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #25 on: April 14, 2014, 01:34:01 AM »

Passwords, hmm? I never got motivated enough to get into those password vault programs - I just wanted the world to have at least a little simplicity. So I might just put a 1 onto the end of them all.

Logged
Renegade
Charter Member
***
Posts: 10,361



Tell me something you don't know...

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #26 on: April 14, 2014, 03:37:05 AM »

This is a fantastic article:

http://falkvinge.net/2014...r-the-nsa-than-to-fix-it/

Quote
The NSA has an entire budget devoted to doing just this: “$1.6 billion a year on data processing and exploitation, more than a thousand times the annual budget of the OpenSSL project” reports The Verge. Their prime directive is to find bugs, keep them quiet, and exploit them for their own gain (sorry, “national security”). OpenSSL’s volunteers, on the other hand, need jobs to feed their families. As much as they might want to, they don’t have the time to devote the effort needed to make sure their code is rock-solid. And apparently, neither do its users. It took a Google employee two years to discover Heartbleed, despite the fact that they’re a multi-billion dollar corporation that depends on the integrity of things like OpenSSL. Evidently, though, it’s still not cost-effective to have dedicated teams keeping an eye on the code.

But then he goes full commie and it goes to pot. But still... a good read.
Logged

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
ewemoa
Honorary Member
**
Posts: 2,242



View Profile Give some DonationCredits to this forum member
« Reply #27 on: April 16, 2014, 07:37:19 PM »

For reference, here's a page from Sparkfun regarding their response along with informing users of what they ought to do:

  https://www.sparkfun.com/news/1455
Logged
Pages: Prev 1 [2]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.032s | Server load: 0 ]