BitShares Forum
Main => General Discussion => Topic started by: unimercio on April 09, 2014, 05:55:51 am
-
Any thoughts, concerns on the OpenSSL Heartbleed vulnerability and PTS.
http://www.bitcoinfeed.net/news/bitcoin-bitcoin-security-company-bitgo-responds-to-the-heartbleed-security-threat
“It’s fundamental to tell everyone to check all their servers and update ASAP [...] I can’t obviously be positive about it, but bitcoin-specific software (local wallets, etc.) should not be affected even if they use OpenSSL, since the bug is only triggerable in live TLS connections.”
Ps. Vertcoin has released an update to their wallet.
-
Any thoughts, concerns on the OpenSSL Heartbleed vulnerability and PTS.
http://www.bitcoinfeed.net/news/bitcoin-bitcoin-security-company-bitgo-responds-to-the-heartbleed-security-threat
“It’s fundamental to tell everyone to check all their servers and update ASAP [...] I can’t obviously be positive about it, but bitcoin-specific software (local wallets, etc.) should not be affected even if they use OpenSSL, since the bug is only triggerable in live TLS connections.”
Ps. Vertcoin has released an update to their wallet.
Bump
-
Any thoughts, concerns on the OpenSSL Heartbleed vulnerability and PTS.
http://www.bitcoinfeed.net/news/bitcoin-bitcoin-security-company-bitgo-responds-to-the-heartbleed-security-threat
“It’s fundamental to tell everyone to check all their servers and update ASAP [...] I can’t obviously be positive about it, but bitcoin-specific software (local wallets, etc.) should not be affected even if they use OpenSSL, since the bug is only triggerable in live TLS connections.”
Ps. Vertcoin has released an update to their wallet.
Bump
+5% thanks fuzz
-
theres no issue unless you use RPC over SSL!
-
theres no issue unless you use RPC over SSL!
thanks, so http port 80 connections are safe just not encrypted. I wonder why Vertcoin, etc.. are issuing wallet alerts?
http://www.bitcoinfeed.net/news/vertcoin-please-upgrade-your-wallet-immediately-due-to-heartbleed-bug-in-openssl-which-could-allow-your-vertcoins-to-be-stolen (http://www.bitcoinfeed.net/news/vertcoin-please-upgrade-your-wallet-immediately-due-to-heartbleed-bug-in-openssl-which-could-allow-your-vertcoins-to-be-stolen)
-
If you have RPC enabled on a public interface and allow other ip addresses to open a SSL connection you SHOULD be concerned and upgrade/disable immediatelly