Bitcoin Forum
October 01, 2022, 08:38:17 AM *
News: Latest Bitcoin Core release: 23.0 [Torrent]
 
   Home   Help Search Login Register More  
Poll
Question: Did we reach the bottom already?
Yes - 60 (50%)
No, it's coming later this year - 44 (36.7%)
No, it's coming next year or after - 16 (13.3%)
Total Voters: 120

Pages: « 1 ... 5681 5682 5683 5684 5685 5686 5687 5688 5689 5690 5691 5692 5693 5694 5695 5696 5697 5698 5699 5700 5701 5702 5703 5704 5705 5706 5707 5708 5709 5710 5711 5712 5713 5714 5715 5716 5717 5718 5719 5720 5721 5722 5723 5724 5725 5726 5727 5728 5729 5730 [5731] 5732 5733 5734 5735 5736 5737 5738 5739 5740 5741 5742 5743 5744 5745 5746 5747 5748 5749 5750 5751 5752 5753 5754 5755 5756 5757 5758 5759 5760 5761 5762 5763 5764 5765 5766 5767 5768 5769 5770 5771 5772 5773 5774 5775 5776 5777 5778 5779 5780 5781 ... 31384 »
  Print  
Author Topic: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion  (Read 25816982 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic. (170 posts by 5 users with 9 merit deleted.)
KFR
Hero Member
*****
Offline Offline

Activity: 560
Merit: 500


Per ardua ad luna


View Profile
April 08, 2014, 09:29:11 AM

If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?

Hackers don't know every vulnerability that exists.  Inevitably when a major exploit is first published some of the black hats that have just heard about it start trying it out.

That's why admins rush to update their machines as soon as fixes are published, as is the case with this one.

1664613497
Hero Member
*
Offline Offline

Posts: 1664613497

View Profile Personal Message (Offline)

Ignore
1664613497
Reply with quote  #2

1664613497
Report to moderator
1664613497
Hero Member
*
Offline Offline

Posts: 1664613497

View Profile Personal Message (Offline)

Ignore
1664613497
Reply with quote  #2

1664613497
Report to moderator
Even if you use Bitcoin through Tor, the way transactions are handled by the network makes anonymity difficult to achieve. Do not expect your transactions to be anonymous unless you really know what you're doing.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1664613497
Hero Member
*
Offline Offline

Posts: 1664613497

View Profile Personal Message (Offline)

Ignore
1664613497
Reply with quote  #2

1664613497
Report to moderator
1664613497
Hero Member
*
Offline Offline

Posts: 1664613497

View Profile Personal Message (Offline)

Ignore
1664613497
Reply with quote  #2

1664613497
Report to moderator
1664613497
Hero Member
*
Offline Offline

Posts: 1664613497

View Profile Personal Message (Offline)

Ignore
1664613497
Reply with quote  #2

1664613497
Report to moderator
dreamspark
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


View Profile
April 08, 2014, 09:29:51 AM

If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?

It depends if Perfect-Forward Security was used, if it wasn't then yeah were in the shit. If it was used then the sessions from before a private key is stolen are safe. There is also no knowing who and how many people knew about this and also which sites actually had heartbeat set up. Furthermore you dont know if anyone has actually stolen the private keys yet.
PoolMinor
Legendary
*
Offline Offline

Activity: 1839
Merit: 1324


XXXVII Fnord is toast without bread


View Profile
April 08, 2014, 09:31:39 AM

Time to consult your pineal gland.


http://www.youtube.com/watch?v=CTC_eeJj7zE
solex
Legendary
*
Offline Offline

Activity: 1078
Merit: 1002


100 satoshis -> ISO code


View Profile
April 08, 2014, 09:32:58 AM

If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?

It depends if Perfect-Forward Security was used, if it wasn't then yeah were in the shit. If it was used then the sessions from before a private key is stolen are safe. There is also no knowing who and how many people knew about this and also which sites actually had heartbeat set up. Furthermore you dont know if anyone has actually stolen the private keys yet.

2FA enabled, like authenticator, would prevent any major damage to an account. Passwords best changed though.
dreamspark
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


View Profile
April 08, 2014, 09:35:48 AM

If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?

It depends if Perfect-Forward Security was used, if it wasn't then yeah were in the shit. If it was used then the sessions from before a private key is stolen are safe. There is also no knowing who and how many people knew about this and also which sites actually had heartbeat set up. Furthermore you dont know if anyone has actually stolen the private keys yet.

2FA enabled, like authenticator, would prevent any major damage to an account. Passwords best changed though.


Some people in the bitfinex thread are saying that their 2FA was compromised as well and positions closed as well as other internal transactions. Hackers were unable to withdraw though.

On that note Bitfinex have also fixed the vulnerability and are regenerting their ssl certs.
KFR
Hero Member
*****
Offline Offline

Activity: 560
Merit: 500


Per ardua ad luna


View Profile
April 08, 2014, 09:36:36 AM

If this ssl vulnerablility has been a problem since 2011, why should we be worried now? are hackers targeting every site?

It depends if Perfect-Forward Security was used, if it wasn't then yeah were in the shit. If it was used then the sessions from before a private key is stolen are safe. There is also no knowing who and how many people knew about this and also which sites actually had heartbeat set up. Furthermore you dont know if anyone has actually stolen the private keys yet.

2FA enabled, like authenticator, would prevent any major damage to an account. Passwords best changed though.


+1
gibbtek
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
April 08, 2014, 09:57:54 AM

Just want to say I love this forum. I log on every morning to have a read and drink my coffee (and then leave it open all day to stay on top of things)...

It really does provide me with the news that's most relevant to me, and a good laugh b/c the banter here is mostly pretty good.

My day job is as analyst developer and I manage a few servers to host client systems, so seeing this message about heartbleed is a big deal for me.

Defo good idea to stay away from any important SSL connections and reset passwords once the admins have confirmed they've updated their openssl packages - which shouldn't take long actually I manage to do mine in a short space of time.

So thanks for the heads up!
ChartBuddy
Legendary
*
Offline Offline

Activity: 1582
Merit: 1450


1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ


View Profile
April 08, 2014, 10:00:31 AM


Explanation
fonzie
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


Moderator


View Profile
April 08, 2014, 10:02:00 AM

Can someone please update me what´s happening. Are there more Bitcoin exchanges that have been hacked?
Is that the reason why kraken.com went down a few times in the last days?
chessnut
Legendary
*
Offline Offline

Activity: 924
Merit: 1001



View Profile
April 08, 2014, 10:04:34 AM

Can someone please update me what´s happening. Are there more Bitcoin exchanges that have been hacked?
Is that the reason why kraken.com went down a few times in the last days?

Unfortunately not fonzie. no more exchanges down.
fonzie
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


Moderator


View Profile
April 08, 2014, 10:05:13 AM

Can someone please update me what´s happening. Are there more Bitcoin exchanges that have been hacked?
Is that the reason why kraken.com went down a few times in the last days?

Unfortunately not fonzie. no more exchanges down.

Thanks  Sad
freebit13
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500

I got Satoshi's avatar!


View Profile
April 08, 2014, 10:05:51 AM

OpenSSL compromised... Internet goes to zero...  Grin
fonzie
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


Moderator


View Profile
April 08, 2014, 10:10:48 AM

What's up with delay of Huobi's trading feed

What delay, mine is up to date, actually @ 1245CNY
p0peji
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250



View Profile
April 08, 2014, 10:14:32 AM

What's up with delay of Huobi's trading feed

What delay, mine is up to date, actually @ 1245CNY

If only that was true  Grin
mah87
Donator
Hero Member
*
Offline Offline

Activity: 756
Merit: 500

-Bitcoin & Ripple-


View Profile
April 08, 2014, 10:21:05 AM

Please VOTE ! https://bitcointalk.org/index.php?topic=558348.msg6087123#msg6087123

THANK YOU Smiley  Kiss
koryu
Hero Member
*****
Offline Offline

Activity: 680
Merit: 507



View Profile
April 08, 2014, 10:43:59 AM

First time I actually visited Huobi, man what a crappy design

they mix up red and green volume, its annoying Cheesy
spooderman
Legendary
*
Offline Offline

Activity: 1624
Merit: 1008


View Profile WWW
April 08, 2014, 10:56:22 AM

login on stamp disabled.

Wonder if the CEO of the internet will resign?
TakeTheSkyRoad
Full Member
***
Offline Offline

Activity: 173
Merit: 100


View Profile
April 08, 2014, 10:58:45 AM

Starting from the Coin Desk article there is this test site :
http://filippo.io/Heartbleed/

Here are my test results :
(list from bitcoinwisdom)

All good, btc-e.com:443 seems not affected!
All good, cavirtex.com:443 seems not affected!
All good, bitcoin.de:443 seems not affected!
All good, coinbase.com:443 seems not affected!
All good, kraken.com:443 seems not affected!
All good, bitfinex.com:443 seems not affected!
All good, bter.com:443 seems not affected!

bitstamp.net:443 IS VULNERABLE
btcchina.com:443 IS VULNERABLE
okcoin.com:443 IS VULNERABLE
cryptsy.com:443 IS VULNERABLE

The test site did error with a couple of sites, namely huobi.com and campbx.com

A bit more detail lifted from the article for the lazy :
Quote
Exploiting Heartbleed, an attacker could access the RAM of affected systems, allowing them to see up to 64 kilobytes of data at a time – enough to build up enough knowledge to access a system’s secret keys. Those keys are used to encrypt and decrypt sensitive traffic and identify service providers.
ChartBuddy
Legendary
*
Offline Offline

Activity: 1582
Merit: 1450


1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ


View Profile
April 08, 2014, 11:00:30 AM


Explanation
barbs
Hero Member
*****
Offline Offline

Activity: 854
Merit: 1000


View Profile
April 08, 2014, 11:01:23 AM

lmao

so basically logins are disabled but trading is allowed.

Gox flashbacks?

Anyone with the API set up wins, everyone else loses? not cool bitstamp./
Pages: « 1 ... 5681 5682 5683 5684 5685 5686 5687 5688 5689 5690 5691 5692 5693 5694 5695 5696 5697 5698 5699 5700 5701 5702 5703 5704 5705 5706 5707 5708 5709 5710 5711 5712 5713 5714 5715 5716 5717 5718 5719 5720 5721 5722 5723 5724 5725 5726 5727 5728 5729 5730 [5731] 5732 5733 5734 5735 5736 5737 5738 5739 5740 5741 5742 5743 5744 5745 5746 5747 5748 5749 5750 5751 5752 5753 5754 5755 5756 5757 5758 5759 5760 5761 5762 5763 5764 5765 5766 5767 5768 5769 5770 5771 5772 5773 5774 5775 5776 5777 5778 5779 5780 5781 ... 31384 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!