Information We are safe with Heartbleed!

  1. Brivium

    Brivium - Apr 10, 2014 XenForo Services Staff Member


    This Monday, a bug in OpenSSL, revealed by security researchers at Codenomicon an independent security firm and also at Google, is named Heartbleed. Two third of the active world wide websites are compromised by this security flaw.

    Referring to Heartbleed, Bruce Schneier a security expert wrote in his blog post this week:
    The so-called bug was revealed on Monday, and it’s quickly considered as a biggest security vulnerability in computer history.

    So, what is Heartbleed?!
    Heartbleed is a catastrophic bug found in OpenSSL version 1.0.1 and 1.0.2-beta:
    Frankly speaking, the tools used to protect your data as it circulates over the net have a breach. Private data (passwords, card numbers, etc) is encrypted, turned into secret code and sent over the Internet, so that hackers cannot access it. But exploiting Heartbleed allow hackers to decypher the code and get their hands on your emails, passwords, messages, cryptical documentation, and communication.

    That’s the quick picture on the vulnerability.

    From our side, we have updated, double checked and tested to make sure Brivium is safe from Heartbleed. Up to this point, we strongly believe none of Brivium account has been compromised.

    So how can you know if a site is vulnerable and how to protect yourself?
    • If you are a site's owner using OpenSSL, please update the fix immediately with OpenSSL version 1.1.0g.
    • Make sure and check all the sites you visit frequently on whether or not they have been impacted by the breach either with this service made by Filippo Valsorda; or, install this Chrome extension, Chromebleed, it will give warnings when you visit a site that has been affected.
    • Check carefully your bank account and credit card for unusual transaction, since the hackers can use your information for their purposes.
    • If you still feel nervous and insecure, it might be best to go offline for a few days, wait until things are fixed.
    We are continuing in the alert mode against Heartbleed as well as other possible vulnerability and are on tops of our things. We suggest you to keep calm and keep tuned in for news and updates on the threat.
    Last edited: Aug 27, 2014