EVE Search - Heartbleed Open SSL Vulnerability

All Channels

EVE General Discussion

Heartbleed Open SSL Vulnerability - Information needed

» Click here to find additional results for this topic using Google

Monitor this thread via RSS [?]

Pages: [1] :: one page
Author	Thread Statistics \| Show CCP posts - 1 post(s)
Saint Michaels Soul PCG Enterprises 11	Posted - 2014.04.09 15:51:00 - [1] - Quote There is a massive security flaw in Open SSL, announced offically yesterday, which means that "secure" websites (except those running MS IIS oddly) such as the eve forums and indeed the Eve Gate website can have all of their data read and intercepted, if they are using this software. Can someone from CCP tell us: 1. Whether this has been patched yet (Please god say "yes") 2. Whether we should all update all of our account passwords (I suspect "yes") for every account As a game constantly targeted by hackers and ddos attacks, it would be nice to have a reassuring announcement from the tech gerbils who manage the sites (and potentially the launcher), even if its to say "nothing to worry about, doesn't affect us" Saint Mick.
Crasniya Strange Energy Gentlemen's Agreement 493	Posted - 2014.04.09 15:53:00 - [2] - Quote As far as I know, CCP is actually pretty heavily reliant on Microsoft infrastructure. ASPX for the forums, MSSQL for the database, etc. The OpenSSL flaw affects Linux servers, so I doubt much of CCP's infrastructure is affected.
Enraku Reynolt Peripheral Patrol Shadow's Edge Alliance 33	Posted - 2014.04.09 15:56:00 - [3] - Quote its things like this that make me wish they would give us an authenacation app, or maybe an option to get a text if your account is logged in from somewhere removed for your previous just something to add an extra layer to the accounts
Velicitia Emergent Avionics 2137	Posted - 2014.04.09 15:56:00 - [4] - Quote Seeing as CCP is a MS shop all the way, it's a pretty good bet they're running MS IIS for the web servers too. (also, asp pages). edit - beaten to it One of the bitter points of a good bittervet is the realisation that all those SP don't really do much, and that the newbie is having much more fun with what little he has. - Tippia
Tippia Sunshine and Lollipops 20550	Posted - 2014.04.09 15:58:00 - [5] - Quote What we don't particularly need is a second thread on the topicGÇª GÇ£If you're not willing to fight for what you have in GëívGëí you don't deserve it, and you will lose it.GÇ¥ Get a good start: Newbie skill plan 2.1.
Doc Fury Furious Enterprises 4328	Posted - 2014.04.09 15:59:00 - [6] - Quote I guess OP missed the other thread on this. You could always file a support ticket if you want an official answer. FYI, openSSL is used in lots of things other than "linux servers". Great day to be a SSL cert vendor. The accumulated filth of all their sex and murder will foam up about their waists and all the ho's and politicians will look up and shout 'Save us!' and I'll look down, and whisper 'Hodor'.
Lucas Kell JSR1 AND GOLDEN GUARDIAN PRODUCTIONS SpaceMonkey's Alliance 3122	Posted - 2014.04.09 16:15:00 - [7] - Quote Doc Fury wrote: FYI, openSSL is used in lots of things other than "linux servers". This. And like others have said, CCP run on Microsoft servers which would only be vulnerable if you went out of your way to make it use OpenSSL, and would have considerably more problems than this one. What you should take into account though is that other servers may be vulnerable, so if you use the same passwords anywhere else they could theoretically be captured if the site or service is vulnerable. And it's not just web servers either, it's pretty much anything that uses OpenSSL. The Indecisive Noob - A new EVE Fan Blog for news and stuff. Wholesale Trading - The new bulk trading mailing list.
Bienator II madmen of the skies 2530	Posted - 2014.04.09 16:15:00 - [8] - Quote i don't think ccp has a single linux server in their stack. eve style bounties (done) dust boarding parties imagine there is war and everybody cloaks - join FW
Ramona McCandless The McCandless Clan Council of Peace and Prosperity 3270	Posted - 2014.04.09 16:17:00 - [9] - Quote Thank the Gods Im just an algorythm * Vote MTU For CSM * *Free The Jita 1* "They feel the need to cover their ears and eyes in horror at your very presence." - Pontianak Sythaeryn "Despite others being missing, at least Ramona is back." - Scipio Artelius
Mr Epeen It's All About Me 5172	Posted - 2014.04.09 16:35:00 - [10] - Quote By the time we proles find out anything it is already too late. We are doomed people. Just kiss your ass goodbye. Mr Epeen There are 86,400 seconds in a day. You just saved one of them by typing 'u' instead of 'you'.-á Congratulations, dumbass!
Serene Repose 1230	Posted - 2014.04.09 18:08:00 - [11] - Quote bleeding heart liberals always worrying about how things feel...how's your computer feel? geez. grow a pair! (This incendiary message has been brought to you as a public service by People Who Do Not Care, all rights reserved.) I have sworn upon the altar of God eternal hostility toward every form of tyranny over the mind of man.-á
Steve Ronuken Fuzzwork Enterprises Vote Steve Ronuken for CSM 3015	Posted - 2014.04.09 18:16:00 - [12] - Quote Should also be noted, It's not all linux servers either. There are a great many servers running on the 0.9.8 branch of openssl, which are totally unaffected by this bug. Until around 4 months ago, Centos 6 wasn't on the vulnerable version. (and if they upgraded, it may not have loaded the new library). 5 is still running on 0.9.8 Steve Ronuken for CSM 9! https://forums.eveonline.com/default.aspx?g=posts&m=4236322 http://www.fuzzwork.co.uk/ Twitter: @fuzzysteve on Twitter
Doireen Kaundur 562	Posted - 2014.04.09 20:11:00 - [13] - Quote Saint Michaels Soul wrote: (except those running MS IIS oddly) Ironic, huh? A great American humorist and author recently said: "The one unintentional flaw of the internet generation is its ability to give the stupidest segments of our population the loudest voices." I have a tendency to agree with his statement.-á

ISD Ezwal ISD Community Communications Liaisons 1127	Posted - 2014.04.09 20:17:00 - [14] - Quote As there is already a thread on the same topic (including Dev answer), this one gets a lock. The rules: 16. Redundant and re-posted threads will be locked. As a courtesy to other forum users, please search to see if there is a thread already open on the topic you wish to discuss. If so, please place your comments there instead. Multiple threads on the same subject clutter up the forums needlessly, causing good feedback and ideas to be lost. Please keep discussions regarding a topic to a single thread. ISD Ezwal Captain Community Communication Liaisons (CCLs) Interstellar Services Department


Pages: [1] :: one page
First page \| Previous page \| Next page \| Last page

COPYRIGHT NOTICE
EVE Online, the EVE logo, EVE and all associated logos and designs are the intellectual property of CCP hf. All artwork, screenshots, characters, vehicles, storylines, world facts or other recognizable features of the intellectual property relating to these trademarks are likewise the intellectual property of CCP hf. EVE Online and the EVE logo are the registered trademarks of CCP hf. All rights are reserved worldwide. All other trademarks are the property of their respective owners. CCP hf. has granted permission to EVE-Search.com to use EVE Online and all associated logos and designs for promotional and information purposes on its website but does not endorse, and is not in any way affiliated with, EVE-Search.com. CCP is in no way responsible for the content on or functioning of this website, nor can it be liable for any damage arising from the use of this website.