Jump to content
The Lotus Eaters: Share Bug Reports and Feedback Here! ×

How Bad Is Heartbleed For Warframe?


Llyssa
 Share

Recommended Posts

Well.. warframe runs off drupal, which uses multiple other technologies at the same time, depending how warframe is built on the back-end it could affect us. If you're paranoid, change your info. But I don't think anyone would randomly select you for the grand prize of hacking into your warframe account.

Link to comment
Share on other sites

i guarantee anyone that would want to steal information, already knew about this long before any silly website reporter would have known about it.

 

the news is always late.

 

Edit:

meaning, if Warframe is susceptible to this, the damage is already done.

Edited by taiiat
Link to comment
Share on other sites

i guarantee anyone that would want to steal information, already knew about this long before any silly website reporter would have known about it.

 

the news is always late.

By late would you say half a decade? I mean yeah it's been around for a long time, but in all seriousness, if I was privy to this info long before it became "public knowledge" I would spend my efforts in a more.... monetarily compensating area. Unless you really &!$$ed me off to the point that I want to waste my time sifting through the thousands of thousands of login credentials  at my disposal to find yours and... idk, sell all your weapons and warframes or something, idk.

Edited by -Kasumi-
Link to comment
Share on other sites

By late would you say half a decade? I mean yeah it's been around for a long time, but in all seriousness, if I was privy to this info long before it became "public knowledge" I would spend my efforts in a more.... monetarily compensating area. Unless you really &!$$ed me off to the point that I want to waste my time sifting through the thousands of thousands of login credentials  at my disposal to find yours and... idk, sell all your weapons and warframes or something, idk.

i'm touched that you would sell my Weapons and other stuff just for me.

 

d'aww. 

 

:>

Link to comment
Share on other sites

By late would you say half a decade? I mean yeah it's been around for a long time, but in all seriousness, if I was privy to this info long before it became "public knowledge" I would spend my efforts in a more.... monetarily compensating area. Unless you really &!$$ed me off to the point that I want to waste my time sifting through the thousands of thousands of login credentials  at my disposal to find yours and... idk, sell all your weapons and warframes or something, idk.

Actually, account theft  is one of the larger usages of things. If you steal money, you can be arrested. If you steal people's online accounts, you haven't technically done anything illegal. I recall one a few years back where the biggest usage found was stealing people's WoW accounts.

 

That being said, this game actually does sell things. So if we were affected, this is a security breach that could affect the bank accounts of players who've made purchases. For example, everyone posting on this thread so far.

Link to comment
Share on other sites

All the banking details are handled by other providers though, not DE. You'd have to find out about their systems.

 

Unfortunately there's also that middleman 'Ulitmate'Pay which DE continues to use for their payments. They could have all sorts of holes in their system. Hopefully as I've used PayPal and Steam for my purchases I should be ok but you never know...

Link to comment
Share on other sites

Not affected according to a few testers.

The forums and website (warframe.com/forums.warframe.com) are not affected, but the API server IS.

 

Exploiting the API server can leak your account ID, authentication token, email address, Whirlpool hash of your password, etc.

 

With either pair of ID/token email/hash, attackers can log in to your account and perform any action that doesn't require a password input.

Edited by Audeath
Link to comment
Share on other sites

The forums and website (warframe.com/forums.warframe.com) are not affected, but the API server IS.

 

Exploiting the API server can leak your account ID, authentication token, email address, Whirlpool hash of your password, etc.

 

With either pair of ID/token email/hash, attackers can log in to your account and perform any action that doesn't require a password input.

They added API at some point? goes digging into old topics

Link to comment
Share on other sites

They added API at some point? goes digging into old topics

The internal API used by the game, there isn't one that is publicly documented and meant for public consumption.

Edited by Audeath
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...