For everyone running sites out there, SSL is in pretty big trouble right now:
http://heartbleed.com
https://www.schneier.com/blog/archives/ ... bleed.html
Make sure to update your OpenSSL. You can check for vulnerability here:
http://filippo.io/Heartbleed/
DT comes up with a testing error. Are we good yet?
Heartbleed OpenSSL Security Breech
- scottc
- ☃
- Location: Remote locations in Europe
- Main keyboard: GH60-HASRO 62g Nixies, HHKB Pro1 HS, Novatouch
- Main mouse: Steelseries Rival 300
- Favorite switch: Nixdorf 'Soft Touch' MX Black
- DT Pro Member: -
I don't think DT uses SSL at all, which is a huge problem in itself...
At least I can't get https://deskthority.net here, in Firefox, wget or curl.
At least I can't get https://deskthority.net here, in Firefox, wget or curl.
- Muirium
- µ
- Location: Edinburgh, Scotland
- Main keyboard: HHKB Type-S with Bluetooth by Hasu
- Main mouse: Apple Magic Mouse
- Favorite switch: Gotta Try 'Em All
- DT Pro Member: µ
Fair enough. I'm no admin, but this sounds like something folks should know about. I assumed SSL comes into play when logging into accounts or changing passwords.
- webwit
- Wild Duck
- Location: The Netherlands
- Main keyboard: Model F62
- Favorite switch: IBM beam spring
- DT Pro Member: 0000
- Contact:
Due to lack of member interest, we employed some leprechauns to run some of the club business. I need to ask them about that.
- scottc
- ☃
- Location: Remote locations in Europe
- Main keyboard: GH60-HASRO 62g Nixies, HHKB Pro1 HS, Novatouch
- Main mouse: Steelseries Rival 300
- Favorite switch: Nixdorf 'Soft Touch' MX Black
- DT Pro Member: -
Hey, the good news is that since we don't use SSL at all, we're not vulnerable! *
(* Just our passwords)
(* Just our passwords)
-
- Location: u1h2fm
- Main keyboard: Traditional Thinkpad/Ergodox
- Main mouse: Trackpoint/Vertical Mouse
- Favorite switch: Model F
- DT Pro Member: -
I don't think encryption is important because it is protecting our passwords or your orders. Of course that's nice, too.
It'd make surveillance a tiny little bit harder. It'd be a kind of political statement.
It'd make surveillance a tiny little bit harder. It'd be a kind of political statement.
- sirtetris
- Location: germany
- Main keyboard: poker
- Favorite switch: mx blue
- DT Pro Member: -
- Contact:
the ironic thing is DT even has a password policyscottc wrote:I don't think DT uses SSL at all, which is a huge problem in itself...
At least I can't get https://deskthority.net here, in Firefox, wget or curl.
> Password must be between 6 and 100 characters long,
> must contain letters in mixed case and must contain numbers.
well ... use DT once on your phone using an open wireless hotspot and your password is just screamed you to everybody else on the network, ready to be heard and your account is gone
for a forum about devices connected to computers, not supporting ssl/tls is a real shame