Talk:Beta test
Feedback and bug reports about the beta test of this site go here.
Click the "start a new topic" tab above or click "edit this section" next to an existing topic.
Contents |
Feedback
What is this section for?
This section is for feedback about how this beta website is working. Admin (talk) 12:27, 23 December 2013 (EST)
Bug reports
What's a bug and what's not?
Just report it and we'll figure it out. Admin (talk) 12:29, 23 December 2013 (EST)
OpenSSL Heartbleed bug
On April 7, 2014, it was announced that a bug in the TSL Heartbeat extension of OpenSSL allows for a major exploit which could let an attacker read up to 64KB of server memory used by that process. This exploit left encripted communications, including cookies and passwords sent to this site, potentially vulnerable to viewing by an attacker. This is a major bug that effects a large portion of websites on the internet. We will be researching this issue in the days to come and provide additional information. Admin (talk) 03:14, 9 April 2014 (EDT)
SSL disabled on the site
We have intentionally disabled SSL (https) communications on this site because of the Heartbleed bug. Users will not be able to use SSL (https) protocol to communicate with the site, which means that all information sent to or from the site will be in the clear (readable by anyone with access to the datastream). Since nearly everything sent to this site is publicly viewable anyway, it won't effect much. The only information which is not normally made public is your email address, password, IP address, cookies and other session/protocol data. Email addresses and IP's are generally sent in the clear anyway, so there is no additional exposure there. The cookies and session data are either normally sent in the clear or don't contain personal information, however, passwords are normally sent in an encripted form to this site. So beginning 4/5/2014 until further notice, when you log on to the site, be aware that your password will be more susceptible to eavesdropping. Admin (talk) 03:22, 9 April 2014 (EDT)