IDN Forums - Internationalized Domain Names  
Home | Advertise on idnforums | Premium Membership

Go Back   IDN Forums - Internationalized Domain Names > IDN Discussions > General Discussion

General Discussion Feel free to talk about anything and everything in this board.

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 12th April 2014, 05:51 PM
Jay's Avatar
Jay Jay is offline
Senior Member
 
Join Date: Feb 2008
Location: Where angels fear to tread
Posts: 1,303
iTrader: (23)
Rep Power: 1691
Jay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enough
Heartbleed vulnerability

Got an email from 101domain today (below). Any thoughts in relation to other registrars? Should we be concerned?

Quote:
As you are most likely aware of by now, there has been an OpenSSL security vulnerability discovered, dubbed “Heartbleed” (http://en.wikipedia.org/wiki/Heartbleed_bug), that has been creating quite a lot of security questions and concerns and has affected a very large percentage of websites around the world including some of the largest out there. We’re reaching out to you to help assuage your concerns regarding your domain names and your 101domain.com account.
101domain is very confident that, due to the nature of the vulnerability, none of our client accounts have been compromised. We immediately took the steps required to fix the vulnerability across our global network. However, again due to the nature of the vulnerability, we cannot confirm nor deny this fact with absolute certainty. In light of 101domain’s security-first focus, using modular access and strict verification processes, and after rigorous analysis and testing, we have determined that although there may be only a very slight chance that anyone has gotten even as much as your login and password, that would be at the extreme end of your exposure.

Considering all this, and as a generally good thing to do, 101domain recommends that you log into your 101domain account and change your password as soon as feasibly possible.
Reply With Quote
  #2 (permalink)  
Old 12th April 2014, 06:25 PM
Member
 
Join Date: Jul 2009
Location: The Golden West
Posts: 921
iTrader: (0)
Rep Power: 3237
Avtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the roughAvtal is a jewel in the rough
Re: Heartbleed vulnerability

Quote:
Originally Posted by Jay View Post
Got an email from 101domain today (below). Any thoughts in relation to other registrars? Should we be concerned?
Dynadot sent out a similar email. General advice (from me, not from necessarily from Dynadot):

1) Change your passwords everywhere, why not?
2) Don't use the same password across multiple sites (yes, it's a pain).
3) Set up two-factor authorization where possible (Dynadot and Namecheap both allow this).
4) If the two-factor authorization is based on sending a text to your cell phone, don't put that phone number in your whois records (if hackers know your number, they'll try to convince your cell phone carrier to forward these texts).
5) The email that registrars use to contact you (to verify password reset requests, for instance) should not be the same as the one in your whois records.

Some good advice from alpha: http://www.idndemystified.com/portfo...curity-101.htm

Avtal
Reply With Quote
  #3 (permalink)  
Old 12th April 2014, 07:43 PM
DktoInc's Avatar
Senior Member
 
Join Date: Dec 2009
Location: Land of the Loon
Posts: 1,583
iTrader: (2)
Rep Power: 2165
DktoInc has a spectacular aura aboutDktoInc has a spectacular aura aboutDktoInc has a spectacular aura aboutDktoInc has a spectacular aura aboutDktoInc has a spectacular aura aboutDktoInc has a spectacular aura aboutDktoInc has a spectacular aura aboutDktoInc has a spectacular aura aboutDktoInc has a spectacular aura about
Re: Heartbleed vulnerability

http://filippo.io/Heartbleed/


looks like name dot com may have had some issues.

Last edited by DktoInc; 12th April 2014 at 07:45 PM..
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 03:42 PM.

Site Sponsors
Your ad here
buy t-shirt
מחיר הזהב

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0
Copyright idnforums.com 2005

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54