SoylentNews

OpenSSL: Heartbleed - the Fallout.

posted by janrinok on Thursday April 10 2014, @09:45PM   
from the security-is-important dept.

After reporting the problems with OpenSSL, which has been nicknamed 'HeartBleed', 2 contributors have forward articles on why you should change your passwords.

Heartbleed, and why you should change your password

I always believed Mojang would keep my details safe, now I realise they are not in control of their own data. Mojang/Minecraft passwords should be changed immediately

Heartbleed Bug: Change All Your Passwords

An anonymous coward writes:

The fallout from the Heartbleed bug is hitting the mainstream. The BBC has an article headlined "Public urged to reset all passwords".

Bruce Schneier calls it "catastrophic", giving this advice to sysadmins: "After you patch your systems, you have to get a new public/private key pair, update your SSL certificate, and then change every password that could potentially be affected." He also links to a webpage that will let you test servers for the bug, and an article on Ars Technica discussing the bug.

• Re:Mojang? (Score: 3, Insightful) by Anonymous Coward on Thursday April 10 2014, @09:57PM

  by Anonymous Coward on Thursday April 10 2014, @09:57PM (#29736)

  Yeah, Mojang seemed among the most responsible with their reactions. They brought things down, patched, and updated their certs. There are still much bigger players that haven't reliably done that (or at least announced it).

  Parent

  Starting Score:	0		points
  Moderation		+3
  Insightful=2, Informative=1, Total=3
  Extra 'Insightful' Modifier		0
  Total Score:		3