Massassi Forums Logo

This is the static archive of the Massassi Forums. The forums are closed indefinitely. Thanks for all the memories!

You can also download Super Old Archived Message Boards from when Massassi first started.

"View" counts are as of the day the forums were archived, and will no longer increase.

ForumsDiscussion Forum → Cloudbleed
Cloudbleed
2017-02-26, 1:26 PM #1
http://money.cnn.com/2017/02/24/technology/cloudflare-cloudbleed-security-vulnerability/

TL;DR: Web service Cloudflare had a security leak that affects thousands of websites and may have made your passwords unsecure.

http://cloudflarelistcheck.abal.moe/

Useful tool for seeing which sites are affected. Massassi.net is not listed here, so I'd like to confirm with Brian; does Massassi use Cloudflare at all?

(Yes, I'm actually posting in somewhere that's not the ISB, zomg!)
2017-02-26, 8:17 PM #2
No, we don't. However, keep in mind that until I implemented SSL/TLS a little while ago (few months or something?) all usernames, emails, and passwords were transmitted in plain text so could be intercepted. In addition to that, we're using an obsolete-ish version of message board software and a home-grown CMS-type system (for the main massassi site) that don't have a great security track record. I strongly suggest that you don't reuse passwords across multiple sites and especially don't use your massassi password on any other site ever under any circumstances. I would really like to have a better answer for security around here but at this point things are definitely not perfect. We are better off than we were before I took back over, but we're still not great.
2017-02-27, 10:15 AM #3
Aight, thanks for the answer :) It's not like much damage could be done if my Massassi account was hacked, lol. But yeah, I use different and secure passwords for my important sites (y'know, those that involve money or identification).
2017-02-27, 4:29 PM #4
I hope there are offline backups of this place, but beyond that I don't think anybody should put things on here that aren't going to be assumed public.

↑ Up to the top!