Jump to content

Heartbleed Virus

Mr. House

By Mr. House
in BZPower Q&A

 Share

Recommended Posts

Mr. House Emerging Fluidic Master

Mr. House

Posted
Posted

Is BZP effected by this virus?

I occasionally return to BZP for a nostalgic trip back. Hit me up on discord if you need anything. 
 
BZPRPG Characters that I will possibly revive, Mons-Shajs-Tarotrix-Aryll Vudigg-Jorruk Yokin-Senavysh Angavur

 

 

 

 

 

Link to comment
Share on other sites
Reznas Fluidic Master Nuva

Reznas

Posted
Posted (edited)

It's a security vulnerability with SSL protocol. It only applies to sites that use SSL protocol, which is what https:// signifies (as Shockwave mentioned already). Since BZP is not under such a security protocol, there's nothing to worry about.

 

-Rez

 

EDIT: If you're worried, just change you password and make sure that your BZPower password isn't identical to your passwords on other sites. If your passwords are compromised on a site vulnerable to Heartbleed, those passwords can be used to log into any user account you have, assuming you use identical passwords for each website. But the chances of a hacker choosing to compromise your BZP account are slim.

Edited by Reznas
  • Upvote 1
Link to comment
Share on other sites
Meiko Emerging Flying Force

Meiko

Posted
Posted

BZPower runs on CloudFlare, and CloudFlare patched the issue a week before it was announced publicly. BZPower is safe, especially since BZPower has no TCP or UDP connections that run on SSL. (e.g. FTPS or HTTPS)

--

Meiko - @georgebarnick

LUG Ambassador and administrator at Brickipedia

News reporter and database administrator at Brickset

Administrator at BIONICLEsector01

 

DISCLAIMER: All opinions and contributions made under this account are based solely on my own personal thoughts and opinions, and in no way represent any of the above groups/entities. If you have any concerns or inquiries about the contributions made under this account, please contact me individually and I will address them with you to the best of my ability.

Link to comment
Share on other sites
Gatanui Stone Champion Defeated

Gatanui

Posted
Posted

It's a security vulnerability with SSL protocol. It only applies to sites that use SSL protocol, which is what https:// signifies (as Shockwave mentioned already). Since BZP is not under such a security protocol, there's nothing to worry about.

 

-Rez

 

EDIT: If you're worried, just change you password and make sure that your BZPower password isn't identical to your passwords on other sites. If your passwords are compromised on a site vulnerable to Heartbleed, those passwords can be used to log into any user account you have, assuming you use identical passwords for each website. But the chances of a hacker choosing to compromise your BZP account are slim.

Actually, only the OpenSSL implementation of the SSL protocol is affected. Unfortunately, the majority of the sites with SSL do use OpenSSL, but there are also other implementations which are not affected by this vulnerability. And it's indeed not a virus. In fact, this has nothing to do with viruses at all.

 

-Gata signoff.png

  • Upvote 1

- Gata

signoffLarge.png

 

Please don't use my avatar or signature without permission, thanks! ^_^

Link to comment
Share on other sites
Meiko Emerging Flying Force

Meiko

Posted
Posted (edited)

Wait.. what is Heartbleed Virus?

The Heartbleed Bug (not a virus at all) is a vulnerability in OpenSSL, a piece of software used by millions of websites that is used to keep the web secure. SSL is a protocol in computer systems that secures data as it is transferred, but this vulnerability made it possible for attackers to get bits of data transfers (called "packets") that could contain potentially sensitive information. Here are some links with more information:

Edited by Meiko
  • Upvote 1

--

Meiko - @georgebarnick

LUG Ambassador and administrator at Brickipedia

News reporter and database administrator at Brickset

Administrator at BIONICLEsector01

 

DISCLAIMER: All opinions and contributions made under this account are based solely on my own personal thoughts and opinions, and in no way represent any of the above groups/entities. If you have any concerns or inquiries about the contributions made under this account, please contact me individually and I will address them with you to the best of my ability.

Link to comment
Share on other sites
Voxumo Rahkshi Conquered

Voxumo

Posted
Posted

 

Wait.. what is Heartbleed Virus?

The Heartbleed Bug (not a virus at all) is a vulnerability in OpenSSL, a piece of software used by millions of websites that is used to keep the web secure. SSL is a protocol in computer systems that secures data as it is transferred, but this vulnerability made it possible for attackers to get bits of data transfers (called "packets") that could contain potentially sensitive information. Here are some links with more information:

 

Ah... Ok thank you for explaining this.. makes more sense

u9et1dt.gif

Banner made by Onaku

BZPRPG CHARACTERS

Syvra-Tivanu

If you interact with one of my characters and I don't respond or acknowledge the interaction within a day, send me a PM. Odds are I missed or did not see the post.

Link to comment
Share on other sites
GSR Defender of Mata Nui

GSR

Posted
Posted (edited)

Meiko, Gata, and Rez have explained things fairly well. BZP, to my knowledge, doesn't use SSL anywhere on the site, and so should not be affected. (Payments for store purchases are handled through PayPal's servers, not BZP's - and PayPal has stated they were not effected by the bug.)

 

For a list of major sites that have been affected, I'd recommend this article.

 

In general, most affected sites should have updated their OpenSSL software to patch the bug by now, but a good strategy to follow is to change your password on affected site after the vulnerability has been patched. If you've been reusing your password on multiple sites - well, that's not a very good idea to begin with, but you'll want to change all of those.

 

If I'm misunderstanding something about BZP's use of SSL, and we have been affected, I'm sure Black Six'll reopen this topic and provide clarification. Otherwise, for now - looks like things are all answered, so I'll close the topic for the moment.

Edited by GSR
  • Upvote 2

Hey: I'm not very active around BZP right now.  However, you can always contact me through PM (I have email notifications set up) and I will reply as soon as I can.


Useful Topics: The Q&A Compendium | The Official RPG Planning Topic
Stories: Fractures | An Aftermath | Three Stories | LSO 2012 Epics: Team Three | The Shadow and the Sea | The Days They Were Needed | Glitches | Transformations | Echoes | The Kaita and the Storyteller | Nui

BZPRPG: Komae · Soraya · Bohrei

Blog: Defendant Lobby no. 42

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...