April 17, 2014, 05:59:54 PM

Author Topic: Warning: Heartbleed Bug affects 500px.com, flickr.com, et al!!  (Read 251 times)

RustyTheGeek

  • 5D Mark III
  • ******
  • Posts: 654
    • View Profile
    • Images I've Shot...
FYI - For those of you that haven't heard the news about the HEARTBLEED SSL BUG...

There are many websites that are vulnerable to the bug until they are patched.


Affected PHOTO sites include 500px.com and flickr.com.

(As listed here... https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt)

Also, I just tested the vonage.com login page and it is also affected.

Go to these sites to test (paste in the address of) the URL of the https login page before you use or login to the site again.  There is also a Chrome Extension linked at the filippo site.
https://www.ssllabs.com/ssltest  OR  http://filippo.io/Heartbleed/
Yes, but what would  surapon  say ??  :D

canon rumors FORUM


traingineer

  • PowerShot G1 X II
  • ***
  • Posts: 56
    • View Profile
    • Steam account
Re: Warning: Heartbleed Bug affects 500px.com, flickr.com, et al!!
« Reply #1 on: April 13, 2014, 02:09:04 PM »
FYI - For those of you that haven't heard the news about the HEARTBLEED SSL BUG...

There are many websites that are vulnerable to the bug until they are patched.


Affected PHOTO sites include 500px.com and flickr.com.

(As listed here... https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt)

Also, I just tested the vonage.com login page and it is also affected.

Go to these sites to test (paste in the address of) the URL of the https login page before you use or login to the site again.  There is also a Chrome Extension linked at the filippo site.
https://www.ssllabs.com/ssltest  OR  http://filippo.io/Heartbleed/


Thank you for the info!
7D | 24-70mm F2.8 I | 50mm F1.8 II | Sigma 105mm F2.8 OS

jrista

  • 1D X
  • *******
  • Posts: 3212
  • POTATO
    • View Profile
    • Nature Photography
Re: Warning: Heartbleed Bug affects 500px.com, flickr.com, et al!!
« Reply #2 on: April 13, 2014, 02:43:05 PM »
It isn't just these sites. OpenSSL is used in about 70% of web servers running open-source operating systems and web server software. It's also used for the majority of email servers, and OpenSSL is used ALL OVER the place for all kinds of other things.

This bug is really a disaster...you can no longer simply rely on the notion that if you are in SSL, your safe. It will take weeks at least for really critical sites to upgrade to the patched SSL version, and it could take months or years for the majority of affected servers to be patched.

That basically means you can no longer trust that when your browser says your secure (i.e. it's using SSL over HTTPS), that you actually are secure.

Trust nothing anymore, ppls! :P Web site security is now a highly nebulous thing. Unless you directly verify that the server is using OpenSSL 1.0.1g (or something else entirely, like Windows Server which is not affected), I wouldn't trust ANY web site under SSL for a while.
My Photography
Current Gear: Canon 7D | Canon EF 600mm f/4 L IS II | EF 100-400mm f/4.5-5.6 L IS | EF 16-35mm f/2.8 L | EF 100mm f/2.8 Macro | 50mm f/1.4
New Gear List: Canon 5D III/7D II | Canon EF 300mm f/2.8 L II

Mt Spokane Photography

  • 1D X
  • *******
  • Posts: 7704
    • View Profile
Re: Warning: Heartbleed Bug affects 500px.com, flickr.com, et al!!
« Reply #3 on: April 13, 2014, 10:43:10 PM »
My online store was affected, but was patched within 24 hours of the announcement. 
 
 

traingineer

  • PowerShot G1 X II
  • ***
  • Posts: 56
    • View Profile
    • Steam account
Re: Warning: Heartbleed Bug affects 500px.com, flickr.com, et al!!
« Reply #4 on: April 13, 2014, 10:44:08 PM »
Valve has also been affected.
7D | 24-70mm F2.8 I | 50mm F1.8 II | Sigma 105mm F2.8 OS

canon rumors FORUM

Re: Warning: Heartbleed Bug affects 500px.com, flickr.com, et al!!
« Reply #4 on: April 13, 2014, 10:44:08 PM »