Talk:Beta test
Feedback and bug reports about the beta test of this site go here.
Click the "start a new topic" tab above or click "edit this section" next to an existing topic.
Contents |
Feedback
What is this section for?
This section is for feedback about how this beta website is working. Admin (talk) 12:27, 23 December 2013 (EST)
Bug reports
What's a bug and what's not?
Just report it and we'll figure it out. Admin (talk) 12:29, 23 December 2013 (EST)
OpenSSL Heartbleed bug
On April 7, 2014, it was announced that a bug in the TSL Heartbeat extension of OpenSSL allows for a major exploit which could let an attacker read up to 64KB of server memory used by that process. This exploit left encripted communications, including cookies and passwords sent to this site, potentially vulnerable to viewing by an attacker. This is a major bug that effects a large portion of websites on the internet. We will be researching this issue in the days to come and provide additional information. Admin (talk) 03:14, 9 April 2014 (EDT)
SSL disabled on the site
We have intentionally disabled SSL (https) communications on this site because of the Heartbleed bug. Users will not be able to use SSL (https) protocol to communicate with the site, which means that all information sent to or from the site will be in the clear (readable by anyone with access to the datastream). Since nearly everything sent to this site is publicly viewable anyway, it won't effect much. The only information which is not normally made public is your email address and password. Email addresses are generally sent in the clear anyway, so there is no additional exposure there, however, passwords are normally sent in an encripted form to this site. So beginning 4/7/2014 until further notice, when you log on to the site, be aware that your password will be more susceptible to eavesdropping.