Jump to content


Photo

Heartbleed


  • Please log in to reply
7 replies to this topic

#1 275 GTB-4

275 GTB-4
  • Member

  • 6,923 posts
  • Joined: February 03

Posted 25 April 2014 - 23:07


LastPass Heartbleed checker


Site: forums.autosport.com
Server software: Apache
Was vulnerable: Possibly (known use OpenSSL, but might be using a safe version)
SSL Certificate: Possibly Unsafe (created 2 years ago at 2012-04-06 00:00:00) Additional checks SSL certificate history checks yielded no new information
Assessment: It's not clear if it was vulnerable so wait for the company to say something publicly, if you used the same password on any other sites, update it now.

I am changing my password to be "safe" (YEAH, RIGHT, nobody is safe from Hackers)

Advertisement

#2 Grayson

Grayson
  • AUTOSPORT digital product manager

  • 1,350 posts
  • Joined: July 08

Posted 27 April 2014 - 19:20

Autosport is unaffected by the Heartbleed bug.

 

We use OpenSSL, but we use a different version* and have never used a version of OpenSSL which suffered from this vulnerability.

 

 

*(technically a different branch - 0.9.8 for those of you who that means something to) 



#3 275 GTB-4

275 GTB-4
  • Member

  • 6,923 posts
  • Joined: February 03

Posted 27 April 2014 - 22:41

Thanks...you may have dodged a bullet :)



#4 Catalina Park

Catalina Park
  • Member

  • 5,707 posts
  • Joined: July 01

Posted 28 April 2014 - 10:13

Thanks...you may have dodged a bullet :)

Or you're just a bad shot.



#5 275 GTB-4

275 GTB-4
  • Member

  • 6,923 posts
  • Joined: February 03

Posted 28 April 2014 - 10:57

Or you're just a bad shot.


Hmmmm...not a great shot, but with a SMLE No4, MK1, with open sights and allowing for a little windage etc...I used to be able to do a respectable group on the 900 yard range at Malabar...



#6 Catalina Park

Catalina Park
  • Member

  • 5,707 posts
  • Joined: July 01

Posted 29 April 2014 - 09:16

Hmmmm...not a great shot, but with a SMLE No4, MK1, with open sights and allowing for a little windage etc...I used to be able to do a respectable group on the 900 yard range at Malabar...

If we ever get invaded by paper targets I'm hanging around with you.



#7 275 GTB-4

275 GTB-4
  • Member

  • 6,923 posts
  • Joined: February 03

Posted 29 April 2014 - 09:31

If we ever get invaded by paper targets I'm hanging around with you.


Hey! this was military shooting...walk down range and wait for the Machine Gun nest to pop-up etc then ka-blammo! was one serial...

I had just removed wood to make a free floating barrel on the rifle and I was a little concerned about the accuracy of the re-assembled unit...so I strolled over to the Full Bore chasps and asked the guru for advice. He asked why I thought there was a problem, I said because I had done the work!

He said, send a few sighters down (900 yd range was open)...did that, warmed the barrel, he said "may I?"...shot a nice tight group and completely humiliated me with a big grin...nothing wrong with that rifle! :lol:



#8 Grayson

Grayson
  • AUTOSPORT digital product manager

  • 1,350 posts
  • Joined: July 08

Posted 29 April 2014 - 14:15

As an addendum to the above, our credit card payment processors (Cybersource) have confirmed that there was never any sort of vulnerability on their transaction processing side (ie. any credit card payment details you used on Autosport would not have been at risk).

 

They were using the vulnerable version of OpenSSL on their Business Centre, but it doesn't look like Autosport's account was in any way compromised. Even if it was, only very partial payment details are visible in the business centre (such as what sort of credit card you used and the last few numbers on the credit card) - enough of your information should be redacted that it wouldn't be possible for any sort of credit card fraud to take place as a result.