Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Thread Closed

Heartbleed Bug

OP androidfilesharing

9th April 2014, 05:01 PM   |  #1  
OP Senior Member
Flag HTTP 404
Thanks Meter: 457
 
545 posts
Join Date:Joined: Mar 2014
Donate to Me
More
I just read an article this morning that lists XDA on a list of sites using a compromised version of OpenSSL. What does this mean for you? Not much considering this site doesn't really have any sensitive data but it allows attackers to gather small bits of data and potentially gain the encryption keys and get all of the information in your profile (which I am assuming would include your paypal donation email address which if exploited as well could be dangerous). Here is a link via github to a list of affected sites

https://github.com/musalbas/heartble...er/top1000.txt

I just recommend changing your passwords plain and simple

Edit: Apparently XDA maintainers have stated they patched the bug---http://forum.xda-developers.com/show....php?t=2710685

But the scan was performed yesterday so I'm not sure they had proper time. I will be updating my password anyways.
Last edited by androidfilesharing; 9th April 2014 at 05:04 PM.
The Following 3 Users Say Thank You to androidfilesharing For This Useful Post: [ View ]
Thread Closed Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes