SoylentNews is people
SoylentNews
After reporting the problems with OpenSSL, which has been nicknamed 'HeartBleed', 2 contributors have forward articles on why you should change your passwords.
Heartbleed, and why you should change your password
I always believed Mojang would keep my details safe, now I realise they are not in control of their own data. Mojang/Minecraft passwords should be changed immediately
Heartbleed Bug: Change All Your Passwords
The fallout from the Heartbleed bug is hitting the mainstream. The BBC has an article headlined "Public urged to reset all passwords".
Bruce Schneier calls it "catastrophic", giving this advice to sysadmins: "After you patch your systems, you have to get a new public/private key pair, update your SSL certificate, and then change every password that could potentially be affected." He also links to a webpage that will let you test servers for the bug, and an article on Ars Technica discussing the bug.
(Score: 4, Insightful) by iroll on Thursday April 10 2014, @09:51PM
Why single Mojang out here, and with such damning language? How were they any less "in control" than any other company that was using OpenSSL?
People on reddit were scraping user/pass combos from yahoo mail yesterday, for goodness sakes. Care to throw some hysteria their way, as well?
It's not that I give a crap about Mojang, it's just that I can't see how your comment passes the sniff test. Either you know something I don't or you don't know what you're talking about. When it comes to outrageous headlines, I'm inclined to believe the latter.
(Score: 3, Insightful) by Anonymous Coward on Thursday April 10 2014, @09:57PM
Yeah, Mojang seemed among the most responsible with their reactions. They brought things down, patched, and updated their certs. There are still much bigger players that haven't reliably done that (or at least announced it).
(Score: 2) by Angry Jesus on Thursday April 10 2014, @10:42PM
> Either you know something I don't
Have you considered that the submitter is probably a big Minecraft fan and that Mojang is probably at the top of his own list of sites he cares about?
(Score: 1) by iroll on Thursday April 10 2014, @10:53PM
Yes, and I also considered that the submitter is an idiot, neither of which justify the editor keeping the phrase "now I realise [sic] they are not in control of their own data."
(Score: 1, Offtopic) by Angry Jesus on Friday April 11 2014, @12:33AM
Ah, so you are just one of those kinds of people.
(Score: 0, Offtopic) by iroll on Friday April 11 2014, @02:06AM
Yeah, I'm one of those people who thought that clickbait troll headlines were a bug, not a feature. My bad. Carry on.
(Score: 1, Offtopic) by Angry Jesus on Friday April 11 2014, @04:05AM
> Yeah, I'm one of those people who thought that clickbait troll headlines were a bug, not a feature. My bad. Carry on.
One of the kind of people so caught up in the sputtering anger of their own pipsqueak self-righteousness that they start off arguing about a sentence in a story submission and then switch to complaining about a benign headline.
Carry on carrying the weight of all the idiots in the world on your shoulders.
(Score: 0, Offtopic) by iroll on Friday April 11 2014, @04:10AM
Touche; I suppose I meant summary, and not headline. But please, go on. I'd like to hear more about sputtering anger and pipsqueak self-righteousness.
(Score: 0, Offtopic) by Angry Jesus on Friday April 11 2014, @04:52AM
Yeah, well I'd like to not hear any more of your sputtering.
(Score: 1, Insightful) by iroll on Friday April 11 2014, @05:59AM
I'm sorry, Dave. I'm afraid I can't do that.
(Score: 2) by wantkitteh on Friday April 11 2014, @11:49AM
I suppose it could have partially been my fault, I did mention Mojang closing down the Minecraft auth servers in the story I submitted about Heartbleed to illustrate just how widespread this bug's effect was. People expect stories about how this bug and that screw-up leaked 100billion credit card details or patient records or names and addresses of subscribers to Canine Fetish Monthly, we've seen that before. Something widespread enough to leak something as innocent as your Minecraft login should get some attention.
(Score: 1) by iroll on Friday April 11 2014, @05:39PM
That kind of mention I can absolutely understand, but to say "now I realise they are not in control of their own data" is extremely accusatory. It doesn't make them an example of a widespread problem; it calls them out as if they were either particularly neglectful or incompetent, or that they had given their (your) data to a third party that couldn't be trusted, none of which seem to be the case.
When I clicked on the attached article, I expected to read something along the lines of the above (really, I expected to read that they had used an untrustworthy third-party service). Instead, I read that they had taken a particularly conservative approach for the problem. The disconnect between the summary and the article is obnoxious... I read the articles on aggregators like SN because I want to be clued into interesting things and see/participate in a discussion, not to get trolled into clicking on things that don't match the summary. Honestly, the only thing that could have made it more annoying to me would have been if the link had gone to a monetized blog that then linked to the Mojang page :P