lol nice.
Awesome, i like it :D
as someone who learned of this things existence yesterday and knows almost nothing about networking and all that jazz, i suppose i understand a bit
while reiterating that i know nothing, doesn't this seem like something that would've been tried day 1
doesn't this seem like something that would've been tried day 1
Well yes, and usually the server would check whether the requested word & the provided character number would match. If not the server would reply with "error" , "say again" or just ignore you.
The omission of that check is the programming error that caused the Heartbleed bug
Hey guys attack my IP address with your lulz
175.101.12.90
I love how everyone was all "CHANGE YOUR PASSWORDS! CHANGE EVERYTHING!"
Which is useless. Changing your password wont work until the website has actually updated their SSL. Which most wont.
A lot of mainstream sites are safe now, though.
huh ? you want me to trash-talk a number ?
Well here it commes: your ip-adresse is weak it's got too many Ones and Zeros in it & barely any primes, how pathetic.
Well you could(1) continuously change your password on a few seconds interval, that way an attacker will always have an outdated password by the time the stolen memory-chunk is analysed.
(1)assuming a web-service isn't going to interpret it as a DOS-attack
Looks like the reports of the Heartbleed attack not leaving a trace were wrong.
http://blogs.computerworld.com/security/23801/rcmp-heartbleed-arrest-canada-itbwcw-ua
does the tek use OpenSSL?
what sort of server do you have going on there, just used putty..
Yay, I can be lazy