Change your password (Heartbleed zero-day vulnerability) CERT UPDATED!


Recommended Posts

Steven P.

Regarding this news post http://www.neowin.net/news/openssl-affected-by-heartbleed-zero-day-vulnerability

 

We were affected too, someone registered on Neowin to let us know we were vulnerable, so thanks for that (Y)

 

We have since patched our web servers (yesterday) and we're no longer vulnerable to the Heartbleed vulnerability, but since we use SSL to log you in it's a good idea to update your password.

 

I have changed mine :p

 

Edit: This affects everyone, because everyone is logged in securely.

  • Like 1
Link to post
Share on other sites
Shaun N.

I'm not fussed if someone logs into my account - they can up my post count while they are at it. Thanks for the heads up though

  • Like 6
Link to post
Share on other sites
+Zlip792

Subscribers (2) only or everyone should?

Link to post
Share on other sites
Shaun N.

Subscribers (2) only or everyone should?

 

Everyone logs in via SSL so everyone would need to change their passwords

  • Like 2
Link to post
Share on other sites
+Zlip792

Everyone logs in via SSL so everyone would need to change their passwords

 

Thanks...

Link to post
Share on other sites
Steven P.

Yep, everyone.. I will update the OP.

Link to post
Share on other sites
Nick H.

I've just updated my password. You can expect an email from me tomorrow when I've forgotten what I set it to. :p

  • Like 3
Link to post
Share on other sites
+Anarkii

Imma leave mine as it is, simply because I dont even know my password, I use Facebook to login :D

Link to post
Share on other sites
Crisp

Changed! Now: password1

  • Like 9
Link to post
Share on other sites
Vykranth

Changed! Now: password1

 

Not fair, I wanted to use that one! I'll go with that one then

 

Edit: One day, I will figure out how to embed youtube videos on the first try. AUGH!

  • Like 3
Link to post
Share on other sites
Grinch

Appreciate the heads-up!

Link to post
Share on other sites
+xrobwx71

Thanks! Password changed!

Link to post
Share on other sites
Grinch

Odd. Now that I've changed it, the news page will not keep me logged in. I'm logged in when I go to the forums but not when I am on the news page. :(

Link to post
Share on other sites
Brandon H

Odd. Now that I've changed it, the news page will not keep me logged in. I'm logged in when I go to the forums but not when I am on the news page. :(

log out then back in. it's a issue with the cookie

 

also: happy birthday :)

  • Like 1
Link to post
Share on other sites
Grinch

log out then back in. it's a issue with the cookie

 

also: happy birthday :)

 

That seems to have fixed it, thanks! Thanks for the birthday part as well. :)

Link to post
Share on other sites
COKid

Changed to "qwerty". Thanks! ;)

 

Seriously, what's the point of rushing to change my passwords if the sites I deal with haven't updated their security procedures? The new passwords will be just as vulnerable, won't they?

 

I'm not trying to be snarky. Just wondering. TIA.

Link to post
Share on other sites
greenwizard88

Wouldn't it only effect people if they tried to login while someone was looking? I'm going to chance my password, but just to understand how this worked...

Link to post
Share on other sites
Krome

Password is changed to 123

 

[EDIT]

Ok after I changed my password,  I post this and then I went to www.neowin.net front page, I was not logged in and when I attempt to log in, I get this:

post-956-0-31049600-1397058652.png

Link to post
Share on other sites
Brandon H

Password is changed to 123

 

[EDIT]

Ok after I changed my password,  I post this and then I went to www.neowin.net front page, I was not logged in and when I attempt to log in, I get this:

attachicon.gifWhy.PNG

i refer you to my previous post

 

log out and then back in. a new password cookie needs to be created for the front page

Link to post
Share on other sites
ESC@PE

I thought this (Heartbleed) issue was known about for a while now. But they only just issued a fix for it, correct?

Link to post
Share on other sites
+theblazingangel

Regarding this news post http://www.neowin.net/news/openssl-affected-by-heartbleed-zero-day-vulnerability

 

We were affected too, someone registered on Neowin to let us know we were vulnerable, so thanks for that thumbs_up.gif

 

We have since patched our web servers (yesterday) and we're no longer vulnerable to the Heartbleed vulnerability, but since we use SSL to log you in it's a good idea to update your password.

 

I have changed mine tongue.png

 

Edit: This affects everyone, because everyone is logged in securely.

 

While the Neowin servers may be patched, the certificate is dated July 2013. To properly address this extremely critical vulnerability, patching by itself isn't enough; certificates also need to be revoked and replaced just incase their private keys have been compromised. It is pointless for us to change our passwords until this is addressed...

Link to post
Share on other sites
+warwagon

While the Neowin servers may be patched, the certificate is dated July 2013. To properly address this extremely critical vulnerability, patching by itself isn't enough; certificates also need to be revoked and replaced just incase their private keys have been compromised. It is pointless for us to change our passwords until this is addressed...

 

Isn't that only if you google or some how get duped into clicking on a fake Neowin link. If you bookmark neowin and use that we should be ok.

 

Also you can use this link https://www.ssllabs.com/ to check sites to see if they are vulnerable to the heartbleed vulnerability.

Link to post
Share on other sites
Praetor

Neobond, I've been using the same password on this site since i register on it! Do you really think I'm going to change it?

 

Also you can use this link https://www.ssllabs.com/ to check sites to see if they are vulnerable to the heartbleed vulnerability.

 

good call.

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By indospot
      Neowin Podcast Episode 19: Android, Windows, and iOS betas are here
      by João Carrasqueira



      Welcome back to the Neowin Podcast! On episode 19, we're talking about beta season - that wonderful time of the year for tech enthusiasts where major beta updates start to be released.

      As we get deeper into 2021, we're starting to approach some big new software updates, and because of that, there are previews and betas rolling out that you can try out now. The most notable is likely Android 12, the next big Android update which brings along some UI changes and some potential new features - though some of them are hidden for now. Windows 10 is also getting updated to version 21H1 with some minor changes, and iOS is getting its mid-life update to version 14.5, which finally lets you unlock your phone with a mask on.

      If you're interested in learning more about these updates, you can check out our coverage of them in the links below:

      Google announces Android 12 How to install the Android 12 developer preview Microsoft announces Windows 10 version 21H1 How to start testing Windows 10 version 21H1 iOS 14.5 lets you unlock your phone with a mask on and change your default music player with Siri You can listen to the episode below, and the Neowin Podcast is available on iTunes - and apps that rely on its library - as well as Google Podcasts, Spotify, and Amazon Music. And if you want to add it to your own podcast library, you can use this RSS feed:



      Neowin.net · Episode 19 - Beta season is here Do you have a topic you'd like us to discuss on the podcast? Let us know in the comments!

    • By indospot
      Neowin Podcast Episode 18: Let's talk about videogames
      by João Carrasqueira



      Welcome to episode 18 of the Neowin Podcast, the only bi-weekly podcast that has absolutely never missed a beat since its creation. After returning two weeks ago to talk about fitness tech, episode 18 is focused on one of our favorite hobbies - videogames.

      On this episode, Rich and João talk about their memories with videogames and their first consoles, as well as some of their favorite experiences with the medium. As you may know, we've been running a poll to decide which is our community's favorite console of all time, and the first round is almost over, so we take a look at the results so far and which ones are our favorites. We also talk about Nintendo's legacy and how poorly it's being leveraged on the Switch. Oh, and we finally get to know the logic behind João's very weird username.

      If you're interested in any of the products mentioned in this show, you can (try to) buy them here:

      Nintendo Switch ($299.99) Nintendo Switch Online membership (1-year, $19.99) Xbox Series X ($499.99) You can listen to the episode below, and the Neowin Podcast is available on iTunes - and apps that rely on its library - as well as Google Podcasts, Spotify, and now, Amazon Music. And if you want to add it to your own podcast library, you can use this RSS feed:



      Neowin.net · Episode 18 - Let's talk about videogames! Do you have a topic you'd like us to discuss on the podcast? Let us know in the comments!

      As an Amazon Associate, Neowin may earn commission from qualifying purchases.

    • By indospot
      The Neowin Podcast returns: Episode 17 - Fitness tech for a pandemic
      by João Carrasqueira



      Welcome back to the Neowin Podcast! It's definitely been two weeks since episode 16 in October of 2019, and we're keeping up with our schedule with episode 17 this week... Yes, we've been on a bit of a hiatus, but the Neowin Podcast is back, and we're aiming for a slightly different format this time.

      Going forward, we'll be trying to focus more on specific interesting topics to talk about, rather than just talk about the latest news. Of course, when big news comes out and we have thoughts on them, you can expect us to make an episode about it. We'll be aiming to make one episode every two weeks.

      On this episode, Rich Woods and João Carrasqueira talk about the technology we've been using to help us stay in shape, even as we navigate the seemingly unwavering COVID-19 pandemic. That includes the recently-launched Apple Fitness+ service, along with some thoughts on the new Time to Walk feature, and we also talk about Ring Fit Adventure, Nintendo's fitness-based adventure game that we wrote about a few months ago.

      If you're interested in the products mentioned in this show, you can buy them here:

      Apple Watch SE (from $269) Huawei Watch Fit ($129) Ring Fit Adventure ($79.99) You can listen to the episode below, and the Neowin Podcast is available on iTunes - and apps that rely on its library - as well as Google Podcasts and Spotify. And if you want to add it to your own podcast library, you can use this RSS feed:



      Steven Parker · Episode 17 - Fitness tech Do you have a topic you'd like us to discuss on the podcast? Let us know in the comments!

      As an Amazon Associate, Neowin may earn commission from qualifying purchases.

    • By Steven P.
      We're looking for tech enthusiasts to write news on Neowin for cash
      by Steven Parker

      Trying to keep our readers informed and updated on the constant stream of announcements, leaks, rumors, and insights that pour in from around the world is a non-stop job, including at weekends! With millions of readers worldwide, we know just how important it is to help them stay up to speed with the relentless pace of change and developments in technology.

      That’s why we’re continuing to expand our team of news reporters. We’re looking for eager, enthusiastic people to join us part-time (or full time, see below in the Apply section), preferably from native English speaking countries such as the UK, the United States, Canada, and Australia, but we'll consider those in other parts of the world too.

      We are specifically looking to bolster our UK/EU/Asia Pacific hours of news coverage.



      Our requirements
      We would love to hear from applicants with experience in covering technology news, but previous experience isn’t strictly necessary to apply. Enthusiasm, a positive attitude, and a desire to constantly improve and grow professionally – applicants with these traits are just as important to us as those with years of reporting experience.

      Many of our reporters over the years have had no previous experience, but that hasn’t stopped them from doing a great job; some very well-known faces in the tech journalism community made their names at Neowin with little or no experience at first. We offered them a strong foundation upon which to build their careers.

      Of course, even without reporting experience, we demand that applicants have plenty of knowledge about technology. Our coverage includes Microsoft, Apple, Google, Linux, gaming, software, devices, accessories, and so much more, along with analysis and insights into what’s happening in the tech industry.

      We require that applicants be proficient in English, and although it is a preference, it doesn’t mean English has to be your first language. We will accept applications from anyone aged 18 or over, from anywhere in the world that accepts PayPal and Payoneer as a method of receiving payment, and we warmly invite people from all backgrounds to apply.

      Neowin has a zero-discrimination hiring policy; whatever your ethnicity, gender identity, or sexuality, and whether you prefer Linux over Windows, or Xbox over PlayStation, what matters most to us is your passion for technology, your drive to do the job and constantly improve, and your ability to impartially report and discuss what’s happening in the tech world.

      Be active: We require no less than four articles a week, but the more, the better. We pay our writers per original article based on unique hits. This probably won't replace your full-time job, but it is a great way to earn some extra cash while gaining valuable experience in reporting with one of the most established brands in tech news. Be original: We expect all articles to be originally written, we have strict guidelines for approvals. We understand no one is perfect, but we try to maintain high standards in order for a post to be approved on the main page. Be awesome: You need to be able to bite your tongue when negative criticism occurs. It happens from time to time, but remember you will represent Neowin on and off the site. Be there: Although not mandatory, living near a convention/tech hotspot such as London, Las Vegas, Seattle, New York, or Tokyo is a plus. Although we are looking to bolster timely coverage on all things Microsoft, we don't assign or require people to write only on specific areas or even at fixed times of the day unlike some other news sites, so our reporters can write on a variety of different topics whenever they want!

      What you'll get from us
      All articles that are published on Neowin start at $5, and that payment rises with the number of unique hits it gathers. Just one article can earn $100 if it reaches a threshold of unique hits, for this it would have to go viral, and articles do achieve this at Neowin often. The fact of the matter is, our payments are based on merit and the hits the articles achieve, so you are rewarded when you do well, but you'll get less for poor performing items.

      Apply!
      You can find out more about our requirements, and how to apply, on this page.

      We look forward to hearing from you, and if you’ve got what it takes, we hope to be able to welcome you to the Neowin team very soon 😁👍

    • By Fezmid
      Folding at Home now the fastest "computer" in the world, but also join our team
      by Christopher White



      It's obvious that there's nothing good about the coronavirus itself. However one positive has been the outpouring of support for the Folding@Home project that's looking for a cure to diseases such as Alzheimer's, cancer, and COVID-19. Last week we asked our readers to join the project (and the Neowin team, 55186), and you responded. We now have over 200 new folders on the team and in the last week, have jumped up 90 spots to rank 661 overall.

      Neowin readers aren't the only ones responding to this crisis. As noted on Tom's Hardware, the F@H project has more compute power than not just the fastest supercomputer in the world, but the top seven supercomputers in the world, combined. Since the coronavirus outbreak, the project has seen a 1,200% increase in the number of folders, with over 400,000 people joining. The total number of CPU/GPU cores being used by the project is 27,433,824.

      A work unit crunching away at the Coronavirus problem We'd love if you joined the Neowin team. Simply install the client, type in a username, enter team number 55186, and you'll be folding with us in no time! If you're not seeing many work units assigned to you right now, keep in mind that due to the outpouring of support, the scientists need to provide more data for our computers to crunch so it's possible your PC will idle for a bit until they get this worked out. Just leave the application running, and when work comes in, you'll be folding in no time!

      We also have a dedicated forum thread discussing the project right here.