Time to change those passwords...



A new bug has been discovered on the internet, called the Heartbleed Bug. The basic idea is that it allowed hackers to steal information from servers that you thought were protected behind a secure (https) connection. That information could include usernames, passwords, credit card information, or anything that you've submitted in a form. Over 2/3 of the servers on the internet use OpenSSL which is the library that this bug was found in.

Subeta is safe. We're fortunate to be protected by cloudflare who was alerted to this bug a week before it became public, and has already patched it. It's very unlikely that any of your information has been stolen from Subeta.

Unfortunately there are a lot of sites that hadn't fixed their implemention of openSSL when the information was made public. This includes some google services, yahoo mail, imgur, and other sites that most of us use daily.

It's our suggestion that you change your passwords everywhere, including Subeta. Before you change your password on a website, check it here to ensure that it's no longer a threat. If you change your password and the site is still unsafe, you could be submitting your password to hackers again!

OpenSSL put out a patch as soon as the bug was made public, and most sites have already begun to patch and fix their servers. Most major sites on the internet have already been patched. You can read more about the bug here. Thank you, and stay safe on the internet! ❤

Here is another great writeup of this bug.
April 9, 2014, 9:57 pm by Tardis
User Avatar

Thank you for the heads up Keith. I heard about this not too long ago via the Current Events thread. Huge sigh of relief that subeta and facebook are safe. I guess that's one good reason to be poor. I can't afford to buy anything.

April 9, 2014, 9:55 pm by Nostalgia_507
User Avatar

Wow, , thanks for warning us! I hadn't heard about this latest bug exploit. busily changing all her passwords

April 9, 2014, 9:53 pm by Frankenchokies
Avatar Border
User Avatar

The grammar suggests it is not. So my bad or your bad? OR IS IT SATAN'S BAD?

Wait, what.

April 9, 2014, 9:52 pm by Keith
Avatar Border
User Avatar

Obviously hypothetical.

April 9, 2014, 9:48 pm by Lisa
Avatar Border
User Avatar

Should I change my passwords on everything? Really? My bank, iTunes, Comcast, tumblr, deviantart...all of those? That's such a pain in the butt. I just now got them memorized and now I'm going to have to do it all again. I hate hackers. So, so much. -_-

April 9, 2014, 9:42 pm by Finnie
User Avatar

As Keith stated in announcement, once the websites you use have cleared the heartbleed test (once the site has been confirmed as patched), it is safe to change your passwords :)

April 9, 2014, 9:40 pm by honey_bear
Avatar Border
User Avatar

, I'm just a little confused by your comment post. Are you suggesting we change our passwords before or after the patch you mentioned. Sorry, just a little confused. Thanks :)

April 9, 2014, 9:36 pm by DreamsInPink
Avatar Border
User Avatar

So, if Subeta is safe, why do we need to change our PWs??

April 9, 2014, 9:35 pm by Victim
User Avatar

Thanks for the heads up! I haven't heard anything about this, so I really appreciate the info!

April 9, 2014, 9:34 pm by Jazmine
Avatar Border
User Avatar

Information about the sites affected: Master list of sites affected by Heartbleed. A more in depth article about the situation

Orgasmic that should answer your questions :)

April 9, 2014, 9:33 pm by Taters
User Avatar

My mom is in web security and said that the issue was that only one of the many versions of ssl had the problem. But unless you own the site you cant really know which use it unless you know where to look. That website is the one they used in her office, and most things relating to banking are safe as they do check those things daily. Plus, it was an update to the ssl that had the biggest problem, and most places dont get those that quick.

So just be safe and use different pws on sites relating to your money, and even change your pin here if your worried :)

But its awesome subeta cares so much about us and wanted to warn those whose parents dont work with these things on a daily basis lol

April 9, 2014, 9:31 pm by Ambition
Avatar Border
User Avatar

thank you so much for looking out for us and being on top of security issues! :D

April 9, 2014, 9:31 pm by Yelan
User Avatar

Thank you so much for telling us this.

April 9, 2014, 9:29 pm by orgasmic
Avatar Border
User Avatar

Yeah I'm not understanding how to look at the websites I use to see if they're under threat or not.

April 9, 2014, 9:28 pm by deadly
User Avatar

do you recommend we change ALL our passwords? email, banking, social networking, ect?

April 9, 2014, 9:27 pm by red5luke
Avatar Border
User Avatar

The company I work for got right on this for our website (which is good, because I've been answering a lot of emails about it today). I was wondering if Subeta was on top of it as well, and I'm glad to hear you guys are!

April 9, 2014, 9:25 pm by Gem_840
User Avatar

Thank you for letting us know how Subeta is handling this situation! I have been following it, and was wondering about the situation here.

April 9, 2014, 9:23 pm by poppet
Avatar Border
User Avatar

I'm so amused that CloudFlare was good for something!

April 9, 2014, 9:22 pm by Keith
Avatar Border
User Avatar

Yup :)

April 9, 2014, 9:22 pm by Frankenchokies
Avatar Border
User Avatar

Did you seriously just expose InSaNe's password or are you being hypothetical?

April 9, 2014, 9:21 pm by Damon
Avatar Border
User Avatar

So Subeta is safe right, if we need to change anything it's alright to do so?

April 9, 2014, 9:19 pm by pax
Avatar Border
User Avatar

Thank you for the announcement. This is something that has to be disseminated to people as quickly as possible. We've rolled out Fixed OpenSSL in a server I assist in running, the other day. (And before someone lurches at me for my grammar, English is my third language. :P)

April 9, 2014, 9:19 pm by Keith
Avatar Border
User Avatar

Thank you! I was looking for that link, going to add it to the news post.

April 9, 2014, 9:19 pm by Keith
Avatar Border
User Avatar

Someone who noticed that your Subeta password is the same as your paypal password.

April 9, 2014, 9:16 pm by Grey_503
User Avatar

is paypal safe?

April 9, 2014, 9:16 pm by Finnie
User Avatar

Until this afternoon subeta was coming up as being vulnerable on the heartbleed tester --- http://filippo.io/Heartbleed/

Most techs are recommending not to change your passwords at this point because the more recently your password (or other information) has been logged in the server the more vulnerable it is to hackers.

However I believe once the patches have been made you no longer have to worry about that, and yes, you should change your passwords.

April 9, 2014, 9:16 pm by InSaNe
Avatar Border
User Avatar

who would want to hack my subeta account anyway

April 9, 2014, 9:15 pm by Aspirati
User Avatar

thanks for the heads up :)

April 9, 2014, 9:15 pm by Rue
Avatar Border
User Avatar

Thanks for the heads up! This is scary ;0;

April 9, 2014, 9:14 pm by what
Avatar Border
User Avatar

really appreciate the information.

April 9, 2014, 9:14 pm by saranghae
User Avatar

Thank you for letting us know! Very scary for those of is (like me) who use the web a LOT and to do a LOT of things.

April 9, 2014, 9:14 pm by SexyFart
User Avatar

Thank you for the heads up! Glad to know subeta is safe. :D

April 9, 2014, 9:13 pm by _blackwolf_2009_
User Avatar

Thanks for the update. I been seeing this around but glad that this website still gives out info like this.

April 9, 2014, 9:12 pm by Owl
Avatar Border
User Avatar

Thanks for letting us know about this.

April 9, 2014, 9:12 pm by Frankenchokies
Avatar Border
User Avatar

Your grammar is shocking.

April 9, 2014, 9:12 pm by Lyllytas
User Avatar

Thanks for the heads up!

April 9, 2014, 9:11 pm by Damon
Avatar Border
User Avatar

Scared the crap out of me for a moment.... but so glad Subeta is safe. Thank you for the heads up. Had been hearing around this all day. Hope it gets fixed and fast.

Leave a Comment

Use @username to mention someone. Supports markdown formatting.