Major crypto bug in OpenSSL

kagato

kagato

Well-Known Member
So I tried to log into Minecraft this morning and found the Authentication servers were down. Typical day for Mojang right? Well, after taking to Twitter, I found that they took their servers down for patching due to a major crypto bug that was found in OpenSSL:
http://arstechnica.com/security/201...opens-two-thirds-of-the-web-to-eavesdropping/

The bug, which has resided in production versions of OpenSSL for more than two years, could make it possible for people to recover the private encryption key at the heart of the digital certificates used to authenticate Internet servers and to encrypt data traveling between them and end users. Attacks leave no traces in server logs, so there's no way of knowing if the bug has been actively exploited. Still, the risk is extraordinary, given the ability to disclose keys, passwords, and other credentials that could be used in future compromises.
Click to expand...
 
Oh fuck.

WOQBPBA.png


I think today is a good day to change a password or two.
 
This is a good opportunity to mention that everyone should be using two-factor authentication on every site they care about. Your google, banking, and web hosting accounts should all have two-factor authentication enabled if at all possible.
 
Wooty said:
This is a good opprotunity to mention that everyone should be using two-factor authentication on every site they care about. Your google, banking, and web hosting accounts should all have two-factor authentication enabled if at all possible.
Click to expand...
I don't know what that means
 
Wooty said:
This is a good opprotunity to mention that everyone should be using two-factor authentication on every site they care about. Your google, banking, and web hosting accounts should all have two-factor authentication enabled if at all possible.
Click to expand...
I'm kinda with crafter here, while I can roughly guess, can you explain what exactly the two-factor authentication does?
 
crafteroftemines said:
I don't know what that means
Click to expand...
RemOfShadows said:
I'm kinda with crafter here, while I can roughly guess, can you explain what exactly the two-factor authentication does?
Click to expand...

When you login to an account with 2-factor authentication, you have to take out your phone and type in a number that you get from either an app, or a text message they send you. That means if someone steals your password, they still won't have that special code that changes all the time.
 
You must log in or register to reply here.
Back
Top