subsim.com is NOT affected by Heartbleed

[Skybird]

UPDATE:
OK, THERE IS NO ISSUE HERE,

Quote:

You are not vulnerable. You don't have Ssl enabled.

per my server manager.


-- Neal



.


.



.


.I just ran a test from this site:

http://possible.lv/tools/hb/

Result:




Uncle Neal, take over!!!

A test being negative and concluding the tested site is not vulnerable, would look like this:



Once Neal has fixed this, change of passwords is on order, guys. The risk lies in malicious trolls abuzsing your identity, and maybe even in the linking from subsim to Amazon - I do not know the latter, just remind that such a link exists on this website via the direct-buttons that Neal advertises. Whether your Amazon account could become corrupted if contacting Amazon via the subsim-buttons, I do not know. This heartbleed thing just is a core meltdown, and so I say: better safe than sorry.

[kranz]

I read '...is affected by butthurt'.

well, not much of a difference.

[STEED]

NOOOOOOOOOOOOO........

[Jimbuna]

I'll run a few of my usuals through this...cheers.

[BossMark]

Oh bugger!! so what does that mean?

[STEED]

OK I have changed my password for here to sexysod@sexy4589.

[Rhodes]

Quote:

Originally Posted by STEED

sexysod@sexy4589.

uhhhhhh.....

[STEED]

Quote:

Originally Posted by Rhodes

uhhhhhh.....

That was a password but no longer.

That is to say not here but else where.

[adrian_airbaby]

Apparently it's not an actual threat just yet. It's a future threat though,
and hi everyone, long time lurker here

[Skybird]

No, it is a thread coming from data that since long has been copied from servers. Since that data already is lost and the security certificates are corrupted, one must assume that all data that can be lost indeed IS lost. That data can reveal your identity can contain relevant codes and data allowing access to accounts you use, can decypher encrypted emails, and much more. You cannot press that genie back into the bottle anymore, it escaped. Possible that some people will get hit by that. Even if certificates and SSL software on servers can changed and patched, the already lost data remains to be lost, and can be used against you.

It's like a bottle leaking. The liquid already lost, remains to be lost, and may ruin your carpet. You can tighten the cap and replace it, and it then is properly sealed - but the liquid that already escaped, doe snot come back, and when it hit the carpet, you still will see the effect, no matter new cap or not.

Maybe this will heal some of the many incorrigible digital optimists who never see no harm coming from destruction of data protection and privacy, and from new technology in general, but I doubt it. Some cattle may stumble and drown when crossing a river. But the mass of the herd will just move on, uncaring.

[Wolferz]

Somebody changed my password to... 12345

[the_tyrant]

There is nothing to worry about guys, nothing to see here.

heartbleed is an ssl vulnerability. AKA, what you thought was encrypted may very well not have been encrypted.

However, subsim never even used SSL! In fact, if you read the message in the first picture, it said "error connecting" on port 443, well of course it would say that, subsim doesn't support SSL in the first place!


Now Neal, if you would like to enable SSL encryption for subsim, I'll gladly buy a certificate for you. PM me.

[Onkel Neal]

I'm on it.

Although Subsim is not https

[Jimbuna]

Quote:

Originally Posted by adrian_airbaby

Apparently it's not an actual threat just yet. It's a future threat though,
and hi everyone, long time lurker here

Welcome

[Jimbuna]

Quote:

Originally Posted by BossMark

Oh bugger!! so what does that mean?

Your bank account details are now in my possession