161 entries in 0.338s
mircea_popescu: ahaha! check out the GRIBBLE HEARTBLEED
asciilifeform: wonder if i'm the only one who automatically thought 'diversion' when the heartbleed crap came out.
asciilifeform: <robwizz22> complete lie, meant to play on people's recognition of the word "heartbleed bug" without knowing what it is. There is no SSL anywhere within 100 miles of a Cardano, nor did I ever mention it. You seem to be playing off of your audience's ignorance. Is this really want you want to be doing with your life? Selling snake oil? Being a fraud?
asciilifeform: <robwizz22> the shelf usb storage to store a private key and pass phrase). You are lying about its benefits. You've come up with something absolutely and utterly useless. If it's a scam, good job. I like how you spread FUD about me trying to "introduce heartbleed" (which doesn't make any sense - the Cardano is a USB device) when I pointed this out. You obviously are smart enough to know that is a simple a
ozbot: Heartbleed certificate revocation tsunami yet to arrive | Netcraft
asciilifeform: http://news.netcraft.com/archives/2014/04/11/heartbleed-certificate-revocation-tsunami-yet-to-arrive.html
asciilifeform: since my original paste on how robwhiz22 tried to persuade me to include heartbleed in cardano has been censored (!), here's a new one, of same: http://pastebin.com/yvhVVs7C
gribble: NSA knew about Heartbleed for two years - Bloomberg — RT USA: <http://rt.com/usa/nsa-knew-heartbleed-hacking-years-004/>; DO NOT USE TOR RIGHT NOW. HEARTBLEED IS AFFECTING ALL ...: <http://www.reddit.com/r/DarkNetMarkets/comments/22k76z/do_not_use_tor_right_now_heartbleed_is_affecting/>; If You Want Privacy or Anonymity or Security, Stay Off the Internet ...: (1 more message)
asciilifeform: ;;google tor heartbleed
bounce: moar heartbleed
fluffypony: so CloudFlare's Heartbleed challenge was broken by two researchers
bounce: hm. openssl and their own funky freelist thingy. doesn't work without it, which would've had a good chance exposing heartbleed. mitigation is a simple patch. been reported... four years back, nothing happened. (last paragraph) http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse
ozbot: Twitter / rabite: Jews did #Heartbleed, by the way.
fluffypony: http://www.theverge.com/2014/4/11/5605444/the-nsa-has-exploited-heartbleed-bug-for-years-bloomberg-reports
ThickAsThieves: http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
Shakespeare: Cloudflare now saying they cant figure out how to get heartbleed to bleed keys
ozbot: xkcd: Heartbleed Explanation
ozbot: xkcd: Heartbleed Explanation
fluffypony: steven-__: I mean it's not heartbleed vulnerable
fluffypony: I've been testing a lot of my devices on my local network for heartbleed
fluffypony: https://bitcointalk.org/index.php?topic=287653.msg6159630#msg6159630 <- they're *still* Heartbleed vulnerable
ozbot: Schneier on Security: Heartbleed
MisterE: https://www.schneier.com/blog/archives/2014/04/heartbleed.html
Shakespeare: facebook lols: I made a post briefing normals on heartbleed and the general concept that internet privacy doesnt really exist. Here's the best response so far: "Is Lifelock an answer?"
mircea_popescu: but i wouldn't trust anything coming from the powerfully retarded rangers. they tried to get heartbleed into bitcoin, who knows what else they've baked into there we don't know about.
mike_c: i had this thought last night. if i was the nsa, and i had injected this awesome new backdoor into 1.0.1f, and i was really anxious for everyone to upgrade right now.. I would publicize my outdated backdoor called heartbleed.
ozbot: Heartbleed Honeypot Script ≈ Packet Storm
MisterE: http://packetstormsecurity.com/files/126068/Heartbleed-Honeypot-Script.html
BingoBoingo: Oh, yahoo is password weak because heartbleed. Figured I'd offer something on Yahoo for people to sign up for
mircea_popescu: "I the spirit of #heartbleed is anyone else interested in -assets fantasy baseball on yahoo?"
ozbot: Gmane -- Re: FYA: http: heartbleed.com
BingoBoingo: I the spirit of #heartbleed is anyone else interested in -assets fantasy baseball on yahoo?
BingoBoingo: dexX7: Heartbleed extracts that key
dexX7: hey i'm still thinking about the heartbleed stuff and was wondering: how could one - in theory - do something nefarious with this? user sessions aside, but what else is flying around there?
BingoBoingo: Apocalyptic: You handled heartbleed yet?
BingoBoingo: I wonder how many of these connects/disconnects are attempts at heartbleed probing
ozbot: xkcd: Heartbleed
bounce: bug introduced in 201112 says heartbleed.com, so in cvs
Naphex: mircea_popescu: you can basically sniff whole SSL trafic with Heartbleed.
fluffypony: yeah I'm not talking about mitigating the heartbleed attack
midnightmagic: mircea_popescu: That is from the heartbleed site. It implies more information is available, but it's information which is sitting in that specific area. It's a busy area, but it's just that specific area.
ozbot: Heartbleed Bug
mircea_popescu: http://heartbleed.com/
ozbot: Heartbleed + Bitstamp API (hash on key only) : Bitcoin
benkay: http://www.reddit.com/r/Bitcoin/comments/22ib8o/heartbleed_bitstamp_api_hash_on_key_only/
bounce: heartbleed, not beedingheart, and a plurality mismatch in the last paragraph or so
MisterE: www.heartbleed.com
Namworld: lel, what? "The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content."
MisterE: www.heartbleed.com
Mats_cd03: 'heartbleed', who knew security researchers had a flair for the dramatic
bounce: waitwaitwait, bitcoind is vulnerable to heartbleed?
BingoBoingo: http://filippo.io/Heartbleed/#trilema.com
asciilifeform: http://filippo.io/Heartbleed/#schneier.com
ozbot: [Python] heartbleed ssl test - Pastebin.com
MisterE: hmm heartbleed is nasty
ozbot: Heartbleed Bug
keonne: http://heartbleed.com/
truffles: heartbleed?
keonne: god dammit my inbox is filled with heartbleed bullshit
ozbot: Heartbleed Bug
punkman: http://heartbleed.com/