- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
NSA discovered/exploited Heartbleed for two years
Posted on 4/11/14 at 3:58 pm
Posted on 4/11/14 at 3:58 pm
LINK /
What wonderful protectors we have.
quote:
“The agency found the Heartbeat glitch shortly after its introduction, according to one of the people familiar with the matter, and it became a basic part of the agency’s toolkit for stealing account passwords and other common tasks,” Riley wrote.
“Putting the Heartbleed bug in its arsenal, the NSA was able to obtain passwords and other basic data that are the building blocks of the sophisticated hacking operations at the core of its mission, but at a cost,” he added. “Millions of ordinary users were left vulnerable to attack from other nations’ intelligence arms and criminal hackers.”
What wonderful protectors we have.
11
Posted on 4/11/14 at 3:59 pm to joshnorris14
Are they protecting us or themselves? Kind of like a robot turning on its maker.
Posted on 4/11/14 at 4:01 pm to joshnorris14
quote:
joshnorris14
Welcome back. Hadn't seen you in forever
Posted on 4/11/14 at 4:02 pm to Traffic Circle
You trade freedom for security. Did you expect anything less?
Posted on 4/11/14 at 4:02 pm to joshnorris14
You must be hiding something, sir.
Posted on 4/11/14 at 4:17 pm to asurob1
quote:
You trade freedom for security. Did you expect anything less?
I didn't expect the NSA to be able to get my password for Amazon or my bank account.
Oh yeah, I forgot: They aren't targeting me.
The government wouldn't dare target an individual that favors less government spending right? Just like the IRS applies their logic equally?
Posted on 4/11/14 at 4:55 pm to ironsides
Obamacare uses open ssl protocal . 
Posted on 4/11/14 at 5:27 pm to joshnorris14
These guys just suck at being Americans.
Posted on 4/11/14 at 5:28 pm to joshnorris14
The 'glitch' was probably something the NSA created.
Posted on 4/11/14 at 5:42 pm to constant cough
quote:
The 'glitch' was probably something the NSA created.
Ehhh, don't give them too much credit. They've been finding and exploiting loopholes and glitches like this for years.
Posted on 4/11/14 at 8:51 pm to AUin02
The public key private key model has been around for a long time now. This is a software issue.
ETA: Change your passwords now.
ETA: Change your passwords now.
This post was edited on 4/11/14 at 9:11 pm
Posted on 4/11/14 at 9:54 pm to drizztiger
What's funny is that changing passwords won't matter. This is a server/software side problem not a user. You change the password without the site patching then the hacker has new password.
Reality is no one is safe on Internet. If hackers want your info they can get it. It's luck if the draw.
We should be able to sue nsa for any problems we may have, but we all know that's not going to happen.
Reality is no one is safe on Internet. If hackers want your info they can get it. It's luck if the draw.
We should be able to sue nsa for any problems we may have, but we all know that's not going to happen.
Posted on 4/11/14 at 10:00 pm to joshnorris14
quote:
“The agency found the Heartbeat glitch
quote:Which is it? Or, are there two viruses?
NSA discovered/exploited Heartbleed for two years
Posted on 4/11/14 at 10:03 pm to LSURussian
quote:
Which is it? Or, are there two viruses
Posted on 4/11/14 at 10:04 pm to HailToTheChiz
quote:Yes, it will. Any data collected will no longer be relevant.
What's funny is that changing passwords won't matter.
quote:Agreed.
This is a server/software side problem not a user.
quote:True, but not exactly. 1. Sites need to patch. 2. All the major sites will or have done so. 3. This is a packet capture attack that doesn't target one individual. IE, no one is getting all of your passwords.
You change the password without the site patching then the hacker has new password.
quote:True, in a way perhaps. But plain text data isn't secure data. The issue with this vulnerability in OpenSSL (which in general, neither MS or Apple uses) is that the public key/private key secure connections have been compromised.
Reality is no one is safe on Internet. If hackers want your info they can get it. It's luck if the draw.
quote:Not sure about suing the NSA, but I'm not surprised they've known about it for 2 years and decided to not tell anyone.
We should be able to sue nsa for any problems we may have, but we all know that's not going to happen.
Posted on 4/11/14 at 10:09 pm to LSURussian
quote:
Which is it? Or, are there two viruses?
Heartbleed isn't a virus.
Posted on 4/11/14 at 10:13 pm to joshnorris14
So you don't know either? Or, are you just embarrassed your OP has such an obvious mistake in it?
Posted on 4/11/14 at 10:14 pm to Cs
Two bugs? Is that better?
Posted on 4/11/14 at 10:15 pm to LSURussian
quote:
So you don't know either? Or, are you just embarrassed your OP has such an obvious mistake in it?
The only one who made an obvious mistake is you.
Posted on 4/11/14 at 10:16 pm to joshnorris14
Heartbeat or Heartbleed, joshie. Which is it?
Page 1 of 2
Popular
Back to top
Follow TigerDroppings for LSU Football News