So, Now that the "Heartbleed" Vulnerability is out, What markets re not affected by this especially tumblers?

This is crazy, I come back to see that security is vamped up and people are fucking with this shit trying to bring it down just so they can get paid by LE! So, What markets can be trusted now? TE is lying to us too saying that they "disabled heartbeat", Im so confused an frustrated right now, There should be a FAQ about this and what to do!


Comments


[2 Points] 13tom13:

cloud9 has supposedly updated there SSL, but you can only trust their word and they arent a tumbler.


[2 Points] None:

It is really difficult to tell. If a market states they were not using a vulnerable OpenSSL build, you have to just trust the admin is telling the truth.

If a market did have a vulnerable OpenSSL build, they would need to replace any private keys used as it is possible they were leaked while they were vulnerable. For Tor hidden services, the onion address will have to change if the key is changed.

Other keys that need to be changed include SSH private keys or anything else for the matter that should not be readily available and would be loaded into memory.