Heartbleed at Quaddicted

If you have followed technology news recently you will have heard about a massive bug in OpenSSL that allowed attackers to read random memory (which could be data, passwords, certificates, anything) from affected machines.

I patched Quaddicted immediately after reading about it ~24 hours ago:
http://filippo.io/Heartbleed/?#www.quaddicted.com

But this means that someone might have previously grabbed data of the server. Since I highly doubt that I did not generate a new certificate nor did I force all users to choose new passwords. Maybe I will do so later just because that would be best practise. Quaddicted is not exactly a very interesting target nor is the information you guys store on it very sensitive.

http://heartbleed.com/ and https://www.schneier.com/blog/archives/2014/04/heartbleed.html are nice overviews.

You should regenerate all your passwords for everything. Yes, it is that terrible. Every site you use, every other SSL using service. I recommend http://keepass.info/ or https://www.keepassx.org/

Gah…

Nice.

Fixed :stuck_out_tongue: