Jump to content
Rhyno Gym

Heart Bleed Bug


Zak
 Share

Recommended Posts

There has been much news lately about the security of websites from the Heart bleed exploit. We here at Furry-Muscle take security and safetly very seriously. I'm very happy to say that the Heartbleed exploit on Furry-Muscle has be patch and is no longer a security problem. 

 

Zak

Furry-Muscle Owner

Link to comment
Share on other sites

technically Open ssl uses system requests that are known as "heartbeats" to detect interactions and they're supposed to share equal amounts of data (be it logging in, buying on amazon, sending email, etc) And when the data transactions are completed, Its supposed to overwrite that allocated space  for the next data requests.

 

Best simplified version I've come across is an example of someone going to a shop to buy a box for their photos.

 

say you go into a store with 100 photos and ask for a box to put them all in... the clerk take the photos, counts them and put them into an empty box and hand it back...... that is how its supposed to work...

 

Now in the case of heartbleed..... imagine the same scenario, but the guy at the counter is really stupid and isn't paying that much attention. You say your giving him 100 pics for a box, but you only give him one, since he's never set foot inside a school and never learned to count... he doesn't question it and accidentally gives you another customers box with 99pics to make it 100, and your sent on your way.

 

Now this stuff you got could be all worthless "selfies" of some kid xeroxing his @$$ or they could be autographed copies of Lady Gaga that are worth a fortune.

 

Of course what was being obtained wasn't actually photos but data, some of it would be garbled wingding garbage, but data could be credit card numbers, names, addresses, emails, browsing history, you name it. But due to a flaw in the open ssl coding, the systems weren't exchanging equal sizes of info, so those who knew of the security issues could end up with alot of info they shouldn't ever have access to. And worse still is that this flaw has been out for over 2 years.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information