Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Technical Support
Re: when will bitcoin-qt 0.8.x not be compatible with the new versions
by
AliceWonder
on 28/07/2014, 07:19:10 UTC
Quote from: bitsta on July 27, 2014, 11:50:49 AM
and as for the OpenSSL bug. YES you are theoretically vulnerable as long as you use the old OpenSSL version. the bitcoin protocol itself is secure and not affected by the heartbleed bug. but in fact your computer is unsecure as long as that version is running. and as long as your computer is not safe, you bitcoins are either.. so a dedicated hacker would be able to get access to your machine and steal your coins without even touching the wallet/rpc.... (keylog + wallet.dat: just to mention ONE method..)

SO PLEASE UPDATE YOUR OPENSSL (if you haven't done yet) AND ROTATE ALL YOUR SSL KEYS!!!

regards,
bitsta

How would a hacker gain access if you are not running a service that listens for connections?

Bitcoin 0.9.0 and earlier was vulnerable if you used the remote RPC feature but not if you didn't (edited brain fart)

I agree he should update OpenSSL library, but his computer is only vulnerable if he has services listening.