letmeoutpax
Active Member
Apparently a big deal. Are passwords used on mdshooters ok?
Thanks,
Matt
Thanks,
Matt
I have always assumed everything on here was likely to be compromised due to a lack of an up-to-date security certificate (and not honestly because of malicious anti-gunners). I do not know how much of the traffic here is encrypted either - but given the state of an out-of-date certificate, my hopes are not riding too high.
When testing for the vulnerability, the automated test I have used to verify other websites compliance draws a null on mdshooters.
www.mdshooters.com does not respond to the vulnerable protocol component, so at this point in time it is not vulnerable. If this is because an in-line security device is mitigating the problem, it could have been vulnerable in the past.
However, when you log into mdshooters.com, you are doing it over an unencrypted channel, so anyone able to see your network traffic can easily intercept your credentials.
That's not great news, but it does mean that someone needs to capture your traffic -- they need to watch a network between MDS and your client. The "heartbleed" vulnerability would expose your credentials (randomly) to anyone anywhere who can talk to the vulnerable host.
The takeaway here is absolutely do not use the password you use on here anywhere else, especially if you use things like "free wifi" without protection.
I am not a computer guy but I heard that the risk of Heartbleed is being blown out of proportion.
I captured my login once and it seems like the browser hashes the password before it gets sent to the server.
I am not a computer guy but I heard that the risk of Heartbleed is being blown out of proportion.
I was able to change my MDS password using the home computer, but can't get the iPhone to remember it. Every time I log via the phone the old PW appears and I have to manually type over it. Any suggestions?
Bump.
Problem still unresolved. Perhaps my best best if to go back to Verizon and see if their "experts" can help me <g>.