GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   New SSL vulnerability (https://gfy.com/showthread.php?t=1162971)

transbetty 03-16-2015 02:52 AM
New SSL vulnerability
 
Hello, not sure if it was posted before.

Quote:
On Tuesday, March 3, 2015, researchers announced a new SSL/TLS vulnerability called the FREAK attack. It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. This site is dedicated to tracking the impact of the attack and helping users test whether they?re vulnerable.

The FREAK attack was discovered by Karthikeyan Bhargavan at INRIA in Paris and the miTLS team. Further disclosure was coordinated by Matthew Green. This report is maintained by computer scientists at the University of Michigan, including Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J. Alex Halderman. The team can be contacted at [email protected].
Read more / check your browser at: https://freakattack.com/

Sorry if it's old news on GFY.

seeandsee 03-16-2015 03:15 AM
Nice, thanks god they cant do anything with me, no sensitive data

transbetty 03-16-2015 03:36 AM
Quote:
Originally Posted by seeandsee (Post 20419360)
Nice, thanks god they cant do anything with me, no sensitive data
I think most processors like CCBILL are covered.

I would be careful though running a retail site with connection to some small payment gateways. They are often patched later.

RummyBoy 03-16-2015 04:48 AM
BBC News - Millions at risk from 'Freak' encryption bug

A week is a long time in virus news - its like a decade. I guess Firefox is probably safer than other browsers until the fix but it looks like Chrome is already fixed.

freecartoonporn 03-16-2015 04:55 AM
not this shit again.

RummyBoy 03-16-2015 05:01 AM
Quote:
Originally Posted by freecartoonporn (Post 20419405)
not this shit again.

transbetty 03-16-2015 05:07 AM
Haha great video response.

I agree it's more of a "freat-out" situ, but... I wouldn't want to be 000.1% who got their processing closed for this.

transbetty 03-16-2015 05:59 AM
Code:
Chrome for Windows and all modern versions of Firefox are known to be safe.
This vulnerability requires both server and client (browser) to be unpatched.

transbetty 03-16-2015 06:08 AM
FYI: Amerinoc patched my VPS very promptly. Thumbs up guys.

woj 03-16-2015 08:01 AM
"This report is maintained by computer scientists at the University of Michigan"

vulnerable sites:
1702 umich.edu 141.211.243.44


:1orglaugh


All times are GMT -7. The time now is 06:08 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123