Bitcoin Forum
December 13, 2018, 07:24:45 PM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: heartbleed bug  (Read 525 times)
sj2199
Hero Member
*****
Offline Offline

Activity: 566
Merit: 500



View Profile
April 22, 2014, 06:36:07 AM
 #1

can someone explain me about heartbleed bug?what is it?why is it considered a big threat to internet security?? Huh Huh

             ▄█ █▄             
           ▄█▀█ █▀█▄           
         ▄█▀  █ █  ▀█▄         
       ▄█▀    █ █    ▀█▄       
     ▄█▀      █ █      ▀█▄     
   ▄█▀        █ █        ▀█▄   
 ▄█▀          █ ▀▀▀▀▀▀▀▀▀▀▀▀▀
 ▀█▄          █ ▄▄▄▄▄▄▄▄▄▄▄▄▄ 
   ▀█▄        █ █        ▄█▀ 
     ▀█▄      █ █      ▄█▀     
       ▀█▄    █ █    ▄█▀       
         ▀█▄  █ █  ▄█▀         
           ▀█▄█ █▄█▀           
             ▀█ █▀
ELISIA



.THE BLOCKCHAIN..............
.REVOLUTION HAS BEGUN.

▄▄▄   ▄▄▄▄▄    ▄▄  ▄▄   ▄▄▄▄▄▄   ▄▄  ▄▄▄  ▄▄




             ▄█ █▄             
           ▄█▀█ █▀█▄           
         ▄█▀  █ █  ▀█▄         
       ▄█▀    █ █    ▀█▄       
     ▄█▀      █ █      ▀█▄     
   ▄█▀        █ █        ▀█▄   
 ▄█▀          █ ▀▀▀▀▀▀▀▀▀▀▀▀▀
 ▀█▄          █ ▄▄▄▄▄▄▄▄▄▄▄▄▄ 
   ▀█▄        █ █        ▄█▀ 
     ▀█▄      █ █      ▄█▀     
       ▀█▄    █ █    ▄█▀       
         ▀█▄  █ █  ▄█▀         
           ▀█▄█ █▄█▀           
             ▀█ █▀




Free
Instant TX!!
DAPPS!!!





.BUY ELSA!.




  WEBSITE   
TELEGRAM
   TWITTER   
1544729085
Hero Member
*
Offline Offline

Posts: 1544729085

View Profile Personal Message (Offline)

Ignore
1544729085
Reply with quote  #2

1544729085
Report to moderator
1544729085
Hero Member
*
Offline Offline

Posts: 1544729085

View Profile Personal Message (Offline)

Ignore
1544729085
Reply with quote  #2

1544729085
Report to moderator
PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1544729085
Hero Member
*
Offline Offline

Posts: 1544729085

View Profile Personal Message (Offline)

Ignore
1544729085
Reply with quote  #2

1544729085
Report to moderator
1544729085
Hero Member
*
Offline Offline

Posts: 1544729085

View Profile Personal Message (Offline)

Ignore
1544729085
Reply with quote  #2

1544729085
Report to moderator
1544729085
Hero Member
*
Offline Offline

Posts: 1544729085

View Profile Personal Message (Offline)

Ignore
1544729085
Reply with quote  #2

1544729085
Report to moderator
5flags
Full Member
***
Offline Offline

Activity: 224
Merit: 100

Professional anarchist


View Profile WWW
April 22, 2014, 06:52:31 AM
 #2

can someone explain me about heartbleed bug?what is it?why is it considered a big threat to internet security?? Huh Huh

http://heartbleed.com/

http://5fla.gs - @5flags on Twitter
Light
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500



View Profile
April 22, 2014, 07:04:05 AM
 #3

The heartbleed bug isn't exactly easy to understand (from a technical perspective) but in layman's terms it was a flaw in OpenSSL (which is used widely) that enabled attackers to gain access to 64kB of memory with each 'heartbeat' which allowed theft of servers' private keys and users' session cookies and passwords. Hence the suggestion to change your password - as it may be compromised.
HCLivess
Legendary
*
Offline Offline

Activity: 1554
Merit: 1062


[[[],[]],[[],[]]]


View Profile WWW
April 22, 2014, 12:05:14 PM
 #4

It is easy to explain the heartbleed bug:

You ask server for a varibale, the variable uses a 6-character-long string, but you request e.g. 600 characters instead and get much more than you should.

Bismuth - New Language, Interpretation Engines, Free Set of DAPPs https://bitcointalk.org/index.php?topic=1896497
Bitrated user: HCLivess.
rohnearner
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250

REAL-EYES || REAL-IZE || REAL-LIES||


View Profile WWW
April 22, 2014, 02:05:20 PM
 #5

It is easy to explain the heartbleed bug:

You ask server for a varibale, the variable uses a 6-character-long string, but you request e.g. 600 characters instead and get much more than you should.
Believe me I know what is Heartbleed bug and you explained to the simpler level but the problem this explanation won't work if the person don't know what is a variable how the client server model works etc..! so if someone asks me what is heartbleed bug..! I just tell them Its a vulnerability found in Open SSL then i explain them what is Open SSL then i explain them what is server and what is encryption ..! and when i look at there faces in the end of explanation I just tell them " Just change Your Passwords "

Foxpup
Legendary
*
Online Online

Activity: 2394
Merit: 1229



View Profile
April 23, 2014, 12:00:34 AM
 #6

The heartbleed bug isn't exactly easy to understand (from a technical perspective)
Yes, it is:

Will pretend to do unverifiable things (while actually eating an enchilada-style burrito) for bitcoins: 1K6d1EviQKX3SVKjPYmJGyWBb1avbmCFM4
mamichula
Sr. Member
****
Offline Offline

Activity: 310
Merit: 253


View Profile
April 23, 2014, 07:11:29 AM
 #7

It's considered a big treat because 2/3 of the websites on the internet use the software.

                 ░▒▓▓▓▓▓▓▓▓▓▒▒░
           ░▒█████████████████████▒░
         ▓███████████████████████████▓░
      ░███████████████▓░▒███████████████░
     ▓██████████▓▓▒░        ▒▒▓▓██████████
   ░███▓                               ▒███▒
  ░████               ▒▒▒               ████▒
 ░█████░           ░███████░            █████▒
 ██████░          ░██      ██▒          ██████
░██████░          ██       ██           ██████▒
▓██████           ██░ ░   ░██           ███████
▓██████         ████████████████        ███████
▓██████        █████████████████        ███████
░██████▒       ███████████████       ░██████▓
 ███████       █████████████████       ▓██████
 ░███████       ████████████████      ▓██████▒
  ▒███████▒       ░ ░     ░ ░       ░███████▒
   ░████████▒                     ▒████████▒
     ▓████████▓░               ░▓█████████
      ░██████████▓░          ▓██████████░
         ▓██████████▒     ▒██████████▓░
           ░▒██████████▒▓█████████▓░
                 ░▒▓▓▓▓▓▓▓▓▓▒▒░
Swordsoffreedom
Hero Member
*****
Offline Offline

Activity: 952
Merit: 1000


Trumpin it up for a bit


View Profile WWW
April 23, 2014, 07:45:59 AM
 #8

It's considered a big treat because 2/3 of the websites on the internet use the software.
Pretty much this and basically it allows people to send an inquiry question then have the server tell them the dirty little secrets as its reply
Refer to image above Smiley
Equate
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
April 23, 2014, 08:01:06 AM
 #9

Not only users need to change their passwords but websites also need to fix the bug . And this bug is constantly being exploited as you can see the security news .
nthunder
Newbie
*
Offline Offline

Activity: 50
Merit: 0


View Profile WWW
April 25, 2014, 07:02:43 PM
 #10

It's overrated. Journalists got jiggly because they actually got something to write about but it's far less severe than they make it sound. The vast majority of servers were already patched when the news came out. Don't sweat it.
RodeoX
Legendary
*
Offline Offline

Activity: 2828
Merit: 1073


The revolution will be monetized!


View Profile
April 25, 2014, 07:11:22 PM
 #11

That cartoon does a pretty good job of explaining it.  Smiley

The gospel according to Satoshi - https://bitcoin.org/bitcoin.pdf

Free bitcoin in AFRICA - https://bitcointalk.org/index.php?topic=2710325.msg27720734
Equate
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
April 25, 2014, 07:16:40 PM
 #12

Metasploit module for heartbleed is available already making its exploitation easy.
roslinpl
Legendary
*
Offline Offline

Activity: 1764
Merit: 1139


btc-embassy.com |#| bitcoinonlineembassy.com


View Profile WWW
April 25, 2014, 09:36:06 PM
 #13

The heartbleed bug isn't exactly easy to understand (from a technical perspective)
Yes, it is:


Hue hue. Good one. Smiley That's the point.

I cannot believe this bug ever come out ... Crazy Smiley

Security fail Smiley

      $50 BBCODE SIGNATURES | "BBCODING SINCE 2014"     

░░░░░░░░░░░░░░░░░░░▄▄████░░░░░░░░░▄▄█▀▀░▄▄▄▄▄▄▄▄░▀▀█▄▄░░░░░░░░░░████████████████████████████░
░░░░░░░░░░░░░░▄▄████████▌░░░░░░░▐██▄▄██████████████▄▄██▌░░░░░░░████▄░░░░░░░░░░░░░░░░░░░░▄████
░░░░░░░░░▄▄█████████▀███░░░░░░░░████████████████████████░░░░░░░██░▀██▄░░░░░░░░░░░░░░░░▄██▀░██
░░░░▄▄██████████▀▀░▄███▌░░░░░░░▐████████████████████████▌░░░░░░██░░░▀██▄░░░░░░░░░░░░▄██▀░░░██
▄████████████▀▀░░▄█████░░░░░░░░███████▀▀▀██████▀▀▀███████░░░░░░██░░░░░▀██▄░░░░░░░░▄██▀░░░░░██
▀▀▀███████▀░░░▄███████▌░░░░░░░▐██████░░░░░████░░░░░██████▌░░░░░██░░░░░░░▀██▄░░░░▄██▀░░░░░░░██
░░░░░░██░░░░▄█████████░░░░░░░░███████░░░░░████░░░░░███████░░░░░██░░░░░░░▄████▄▄████▄░░░░░░░██
░░░░░░░█░░▄██████████▌░░░░░░░▐████████▄▄▄██████▄▄▄████████▌░░░░██░░░░░▄██▀░░▀██▀░░▀██▄░░░░░██
░░░░░░░█░░███████████░░░░░░░░▐████████████████████████████▌░░░░██░░░▄██▀░░░░░░░░░░░░▀██▄░░░██
░░░░░░░█░██▀░▀██████▌░░░░░░░░░█████▄▄▀▀▀▀██████▀▀▀▀▄▄█████░░░░░██░▄██▀░░░░░░░░░░░░░░░░▀██▄░██
░░░░░░░██▀░░░░░▀████░░░░░░░░░░░▀▀██████░░░░░░░░░░██████▀▀░░░░░░████▀░░░░░░░░░░░░░░░░░░░░▀████
░░░░░░░░░░░░░░░░░▀█▌░░░░░░░░░░░░░░░▀▀▀░░░░░░░░░░░░▀▀▀░░░░░░░░░░░████████████████████████████░
pekv2
Hero Member
*****
Offline Offline

Activity: 770
Merit: 502



View Profile
April 25, 2014, 09:39:09 PM
 #14

Soon, a liverleakbleed bug will be found. Who knows how many more of these things are still in the wild.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!