|
Avid Pro Audio CommunityHow to Join & Post • Community Terms of Use • Help Us Help YouKnowledge Base Search • Community Search • Learn & Support |
#1
|
|||
|
|||
Heartbleed security risk?
Woah, this seems to be a huge security issue:
http://www.cnet.com/news/how-to-prot...eartbleed-bug/ I guess I should worry about my Avid.com and iLok.com accounts? Any news on if these sites are affected? |
#2
|
||||
|
||||
Re: Heartbleed security risk?
Keep calm and don't worry to much. Have faith. :)
Change your passwords when Avid and iLok (and others) claim they've updated their affected servers. Keep in mind; not all servers are affected by this security flaw. Remember to update your own servers and affected devices. Best regards, Marcel
__________________
Marcel Risberg Production sound and audio post - ljuddesign.se Enthusiastically sharing knowledge and experience at Stockholm Film School. 🛠 Pro Tools Ultimate 2019.10 · HD Native · HD Omni 🎚 EuControl x.x.x · Artist Control · Mix · Control App 🦑 MacPro5,1 · 12C24T @3.46GHz · 48GB · SSDs · macOS 10.13.6 (17G5019) 📺 Separate video playback machine 🥇 Covered by ZDT/TLC · Keeping DAW OS clutter free |
#3
|
|||
|
|||
Re: Heartbleed security risk?
Quote:
|
#4
|
||||
|
||||
Re: Heartbleed security risk?
Quote:
It's a serious bug, affecting many sites including banks and online shops as well as forums like this one. I would recommend anyone to change their passwords after this bug has been solved, or rather the proper security patch has been applied everywhere. The bug already has been fixed in the latest version of OpenSSL (openssl-1.0.1g = problem solved, openssl-1.0.2 will be solved with beta 2 - not yet released as of this writing). Also, some older versions of OpenSSL like the one included with the OS X server for Mountain Lion (10.8) are not affected. I'm hoping sites and companies will inform their users / customers when fixes have been applied so that we all can take precautionary action and change our passwords. I received an e-mail from Plugin Alliance today informing me like this: "The Heartbleed Bug - our website is ok. plugin-alliance.com not affected." Thats a good example. I hope more follow in their foot steps. Best regards, Marcel
__________________
Marcel Risberg Production sound and audio post - ljuddesign.se Enthusiastically sharing knowledge and experience at Stockholm Film School. 🛠 Pro Tools Ultimate 2019.10 · HD Native · HD Omni 🎚 EuControl x.x.x · Artist Control · Mix · Control App 🦑 MacPro5,1 · 12C24T @3.46GHz · 48GB · SSDs · macOS 10.13.6 (17G5019) 📺 Separate video playback machine 🥇 Covered by ZDT/TLC · Keeping DAW OS clutter free |
#5
|
||||
|
||||
Re: Heartbleed security risk?
This kind of thing is the downside of "free" open-source software.
__________________
Bob's room 615 562-4346 Interview Artists are the gatekeepers of truth! - Paul Robeson |
#6
|
|||
|
|||
Re: Heartbleed security risk?
CNN has a page up on this and a list of what services that if you're on need to be changed NOW and what services are okay. There are also a couple they don't know about one way or the other. I suggest taking a look at this page:
http://money.cnn.com/2014/04/10/tech...html?hpt=hp_t3 Last edited by musicman691; 04-11-2014 at 04:45 AM. |
#7
|
|||
|
|||
Re: Heartbleed security risk?
Quote:
According to Microsoft, "most" Microsoft Services, including Microsoft Account and Azure, were not affected by the OpenSSL vulnerability and of course the Windows implementation of SSL/TLS were not impacted. "Microsoft Azure Web Sites, Microsoft Azure Pack Web Sites and Microsoft Azure Web Roles do not use OpenSSL to terminate SSL connections. Windows comes with its own encryption component called Secure Channel (aka SChannel), which is not susceptible to the Heartbleed vulnerability," it said. Microsoft's extensible web server IIS was not affected by the bug. However, that doesn't mean companies that run their websites on it won't be affected, largely due to the practice of employing a third-party load balancer — such as Amazon Web Services, which was affected by Heartbleed. I will give the "open source" guys kudos for finding and putting out a fix for the issue quite quickly...but... I think more than one IT manager may find his head on the chopping block for using "penny wise, pound foolish" open source stuff...and putting the future of the company in the hands of people who live in their mother's basement...
__________________
X Note that all opinions, observations, whatever, in this post are mine, unless I'm being mean or am wrong, in which case it's somebody else's fault. I do not work for Avid (their loss)...my only relationship with Avid is that of a customer (when I'm not too poor to buy stuff, like now)...and that hot administrative assistant...that's more of a "thing" than a "relationship" (that should keep them guessing for a while...) Just rockin'...what more is there? Bill in Pittsburgh |
#8
|
|||
|
|||
Re: Heartbleed security risk?
I've just received an email from Plugin Alliance, saying the following:
Quote:
__________________
Pro Tools HD 12.4, Pro Tools "Vanilla" 12.4, Artist Transport, 2x Artist Mix Studio Blue: RME UCX, Win7 Pro, i7 960, 16GB || Studio Green: RME Babyface, Win10, i7 7700HQ, 16GB |
#9
|
|||
|
|||
Re: Heartbleed security risk?
this critical flaw in internet security has been around for 2 years... It just got discovered now.
http://www.truthdig.com/eartothegrou..._of_the_intern
__________________
Manu PT Ultimate - Mac Studio M1 Max - Monterey - RME Fireface UFX II - 2x S1, 1x Dock with an iPad 7th gen - Genelec 8330 5.1 setup |
#10
|
|||
|
|||
Re: Heartbleed security risk?
iZotope: Safe.
IKMultimedia: Safe iLok: Safe
__________________
Mac Studio Max Pro Tools Ultimate PT | Control Focusrite Clarett+2 JBL LSR-305 Auratone SSC 5C Soundminer v5 Pro Last edited by BondAudio; 04-11-2014 at 10:46 AM. Reason: More Info |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Mac Desktop in Cold Garage a risk?? | avalle1 | Getting Started | 7 | 11-27-2013 07:37 AM |
Should I risk bumping up to 7.3.x? Are you happy? | johnnyv | Pro Tools TDM Systems (Mac) | 7 | 07-16-2007 09:58 AM |
MB died...should I risk it? | Harpo | 003, Mbox 2, Digi 002, original Mbox, Digi 001 (Win) | 33 | 03-06-2007 06:50 PM |
Monitor Output, is there a risk of a short? | apetrocelli | 003, Mbox 2, Digi 002, original Mbox, Digi 001 (Mac) | 11 | 12-17-2002 06:30 PM |
Im gonna risk it...P4 with NEW i845 chipset | Mr Scary P4P | 003, Mbox 2, Digi 002, original Mbox, Digi 001 (Win) | 4 | 08-03-2001 07:57 PM |