TimG Posted April 14, 2014 Report Posted April 14, 2014 This heartbleed exploit prove I am not an alarmist.Actually, it does the opposite. The heartbleed exploit is a serious issue that is easily addressed and most private corporations have quietly done this already. Only the government seems to have a problem and that is more of an indictment of government processes than the exploit itself. Yet you - alarmist too the core - wish to claim that this exploit is the end of civilization as we know it. Quote
GostHacked Posted April 15, 2014 Report Posted April 15, 2014 Actually, it does the opposite. The heartbleed exploit is a serious issue that is easily addressed and most private corporations have quietly done this already. Only the government seems to have a problem and that is more of an indictment of government processes than the exploit itself. Yet you - alarmist too the core - wish to claim that this exploit is the end of civilization as we know it. I am not an alarmist. I am a realist. This is just another example of what I am getting at with the inter-connectivity of everything. Now for MH. http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html What a way to keep things secure and safe under the guise of national security, by using an exploit that can see through SSL encryption. All on the up and up there. Quote
Michael Hardner Posted April 15, 2014 Report Posted April 15, 2014 Now for MH. http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html What a way to keep things secure and safe under the guise of national security, by using an exploit that can see through SSL encryption. All on the up and up there. I knew it was coming. FYI I ran projects using TLS 1.2 to convey personally identifiable information in 2009... am I safe ? Quote Click to learn why Climate Change is caused by HUMANS Michael Hardner
TimG Posted April 15, 2014 Report Posted April 15, 2014 What a way to keep things secure and safe under the guise of national security, by using an exploit that can see through SSL encryption. All on the up and up there.This statement is completely and totally false. The exploit does NOT allow anyone to see "see through SSL encryption". It allows people to get random snapshots of server memory which *might* have a username or password in it. It could, in theory, return SSL keys but only after those keys have been discarded (i.e. the memory has been returned to the pool for re-allocation). Quote
GostHacked Posted April 16, 2014 Report Posted April 16, 2014 I knew it was coming. It's not unreasonable to think that the NSA knew about it and used the exploit for their own gains. FYI I ran projects using TLS 1.2 to convey personally identifiable information in 2009... am I safe ? The potential risk is there. This risk in the SSL has existed for a couple years, but only recently discovered. Quote
GostHacked Posted April 16, 2014 Report Posted April 16, 2014 This statement is completely and totally false. The exploit does NOT allow anyone to see "see through SSL encryption". It allows people to get random snapshots of server memory which *might* have a username or password in it. It could, in theory, return SSL keys but only after those keys have been discarded (i.e. the memory has been returned to the pool for re-allocation). My statement is not false. It is essentially an opinion/notion. Quote
GostHacked Posted April 16, 2014 Report Posted April 16, 2014 http://www.bbc.com/news/technology-27050779 The fingerprint sensor on Samsung's Galaxy S5 handset has been hacked less than a week after the device went on sale. Berlin-based Security Research Labs fooled the equipment using a mould it had previously created to spoof the sensor on Apple's iPhone 5S. The researchers said they were concerned that thieves could exploit the flaw in Samsung's device to trigger money transfers via PayPal. The payments firm played down the risk. "While we take the findings from Security Research Labs [sRL] very seriously, we are still confident that fingerprint authentication offers an easier and more secure way to pay on mobile devices than passwords or credit cards," it said. http://www.bbc.com/news/technology-24203929 Hackers claim to have broken Apple's iPhone 5S Touch ID fingerprint recognition system just a day after the phone was launched. Germany's Chaos Computer Club claims it "successfully bypassed the biometric security of Apple's Touch ID using easy everyday means". By photographing a fingerprint left on a glass surface and creating a fake finger they were able to unlock the phone, the hackers claim. But Apple maintains Touch ID is secure. On its website the iPhone maker says there is a one in 50,000 chance of two separate fingerprints being alike and the technology provides "a very high level of security". Karsten Nohl, chief scientist at SRLabs, a German hacking think tank, told the BBC: "It would have been incredible if Apple had managed to do something the rest of the biometrics industry has failed to achieve after decades of trying, so I'm not surprised it was hacked after just one day. Either this is real shoddy programming, or incompetence. Who knows. Quote
Icebound Posted September 19, 2014 Author Report Posted September 19, 2014 Another event for resurrecting this thread http://www.cbc.ca/news/business/home-depot-admits-56-million-cards-hit-by-security-breach-1.2770827 Only a $3b cost. How long before some hack destroys a bank or two? Quote
Icebound Posted June 5, 2015 Author Report Posted June 5, 2015 Can we survive this death by a thousand cuts??? Will there be the one big failure which will make the 2008 financial meltdown seem like a mere hiccup? .. 4 million social insurance numbers hacked?Time to resurrect this thread... ... Quote
GostHacked Posted June 6, 2015 Report Posted June 6, 2015 Another event for resurrecting this thread http://www.cbc.ca/news/business/home-depot-admits-56-million-cards-hit-by-security-breach-1.2770827 Only a $3b cost. How long before some hack destroys a bank or two? If you pay attention to some of the tech sites, you will understand that large hacks occur daily. Quote
.thumb.jpg.9a49e1b2f22a6d34a345152c50044aa9.jpg)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.