JorgeStolfi
|
|
April 08, 2014, 08:57:10 AM |
|
Sounds like your government is one of the extraordinary efficient type.
Indeed. But it is not among the worst. I believe we have been rather lucky for the past 10 years, we have been much worse before. Of course without government there would be no universities and therefore no parasitic profs.
|
|
|
|
solex
Legendary
Offline
Activity: 1078
Merit: 1006
100 satoshis -> ISO code
|
|
April 08, 2014, 08:58:20 AM |
|
Has Huobi stopped trading? Fixing OpenSSL maybe?
edit: still going
|
|
|
|
dreamspark
|
|
April 08, 2014, 08:59:53 AM |
|
Another thing to remember with the shutting down of the smaller Chinese exchanges is which banks were they using if at all? It is likely that the smaller exchanges relied heavily on 3rd party payment processors and so makes sense that they would have to shut down. The larger exchanges who are making alot of money for the banks and dont completely rely on 3rd party payment processors aer likely to be unaffected?
|
|
|
|
dreamspark
|
|
April 08, 2014, 09:00:23 AM |
|
Has Huobi stopped trading? Fixing OpenSSL maybe?
Funny is just read the ars article on this, scary stuff.
|
|
|
|
JorgeStolfi
|
|
April 08, 2014, 09:05:51 AM |
|
Has Huobi stopped trading? Fixing OpenSSL maybe? edit: still going
Still frozen for me, by coincidence during a freefall, with the order book out of date. A trip switch perhaps?
|
|
|
|
KFR
|
|
April 08, 2014, 09:08:47 AM |
|
Like a kitten pouncing on shadows. ;p
|
|
|
|
ShroomsKit
|
|
April 08, 2014, 09:11:15 AM |
|
Some idiots panic sold already...
|
|
|
|
p0peji
|
|
April 08, 2014, 09:12:49 AM |
|
Some idiots panic sold already...
Where is the rest of the idiots when you need them to panic sell some more?
|
|
|
|
chessnut
Legendary
Offline
Activity: 924
Merit: 1001
|
|
April 08, 2014, 09:17:33 AM |
|
huobi froze at 2799 and then moved to 2783 where it is frozen now. hmm..... whats goin on
|
|
|
|
dreamspark
|
|
April 08, 2014, 09:20:11 AM |
|
Really dont want to see a dump now, cant do anything as I refuse to log into Bitstamp until they sort out their SSL vunerability.
|
|
|
|
chessnut
Legendary
Offline
Activity: 924
Merit: 1001
|
|
April 08, 2014, 09:22:46 AM |
|
If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?
|
|
|
|
KFR
|
|
April 08, 2014, 09:29:11 AM |
|
If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?
Hackers don't know every vulnerability that exists. Inevitably when a major exploit is first published some of the black hats that have just heard about it start trying it out. That's why admins rush to update their machines as soon as fixes are published, as is the case with this one.
|
|
|
|
dreamspark
|
|
April 08, 2014, 09:29:51 AM |
|
If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?
It depends if Perfect-Forward Security was used, if it wasn't then yeah were in the shit. If it was used then the sessions from before a private key is stolen are safe. There is also no knowing who and how many people knew about this and also which sites actually had heartbeat set up. Furthermore you dont know if anyone has actually stolen the private keys yet.
|
|
|
|
PoolMinor
Legendary
Offline
Activity: 1843
Merit: 1338
XXXVII Fnord is toast without bread
|
|
April 08, 2014, 09:31:39 AM |
|
|
|
|
|
solex
Legendary
Offline
Activity: 1078
Merit: 1006
100 satoshis -> ISO code
|
|
April 08, 2014, 09:32:58 AM |
|
If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?
It depends if Perfect-Forward Security was used, if it wasn't then yeah were in the shit. If it was used then the sessions from before a private key is stolen are safe. There is also no knowing who and how many people knew about this and also which sites actually had heartbeat set up. Furthermore you dont know if anyone has actually stolen the private keys yet. 2FA enabled, like authenticator, would prevent any major damage to an account. Passwords best changed though.
|
|
|
|
dreamspark
|
|
April 08, 2014, 09:35:48 AM |
|
If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?
It depends if Perfect-Forward Security was used, if it wasn't then yeah were in the shit. If it was used then the sessions from before a private key is stolen are safe. There is also no knowing who and how many people knew about this and also which sites actually had heartbeat set up. Furthermore you dont know if anyone has actually stolen the private keys yet. 2FA enabled, like authenticator, would prevent any major damage to an account. Passwords best changed though. Some people in the bitfinex thread are saying that their 2FA was compromised as well and positions closed as well as other internal transactions. Hackers were unable to withdraw though. On that note Bitfinex have also fixed the vulnerability and are regenerting their ssl certs.
|
|
|
|
KFR
|
|
April 08, 2014, 09:36:36 AM |
|
If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?
It depends if Perfect-Forward Security was used, if it wasn't then yeah were in the shit. If it was used then the sessions from before a private key is stolen are safe. There is also no knowing who and how many people knew about this and also which sites actually had heartbeat set up. Furthermore you dont know if anyone has actually stolen the private keys yet. 2FA enabled, like authenticator, would prevent any major damage to an account. Passwords best changed though. +1
|
|
|
|
gibbtek
Newbie
Offline
Activity: 29
Merit: 0
|
|
April 08, 2014, 09:57:54 AM |
|
Just want to say I love this forum. I log on every morning to have a read and drink my coffee (and then leave it open all day to stay on top of things)...
It really does provide me with the news that's most relevant to me, and a good laugh b/c the banter here is mostly pretty good.
My day job is as analyst developer and I manage a few servers to host client systems, so seeing this message about heartbleed is a big deal for me.
Defo good idea to stay away from any important SSL connections and reset passwords once the admins have confirmed they've updated their openssl packages - which shouldn't take long actually I manage to do mine in a short space of time.
So thanks for the heads up!
|
|
|
|
ChartBuddy
Legendary
Offline
Activity: 2338
Merit: 1802
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ
|
|
April 08, 2014, 10:00:31 AM |
|
|
|
|
|
fonzie
|
|
April 08, 2014, 10:02:00 AM |
|
Can someone please update me what´s happening. Are there more Bitcoin exchanges that have been hacked? Is that the reason why kraken.com went down a few times in the last days?
|
|
|
|
|