Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: What is this "heartbleed" bug I've been hearing about?
by
precrime3
on 11/04/2014, 15:26:49 UTC
Quote from: Klestin on April 11, 2014, 03:26:16 PM
Quote from: precrime3 on April 11, 2014, 03:05:28 PM
Quote from: gweedo on April 11, 2014, 02:08:38 AM
Openssl is a library that is shipped with a lot of OSes and basically allowed an attacker to dump 64Kb of your memory and it could do it in a loop this would allow access to entropy and store variable like SSL private keys. This is really an issue of putting too much trust in a single library.

Ahh okay, thanks for explaining it to me. So with this bug, they could steal your wallet private key?

The short answer is no.

They could potentially steal any information posted to a web site which had the vulnerability.  In some cases, they could steal the server's certificate, which might allow them to impersonate the server (better phishing attacks).

Then why is it saying Bitcoin could be stolen? How des that work?