NGminecraft, Heartbleed and You

If you haven’t heard, there’s a pretty big flaw in the encryption software that protects us on the internet. Simply put, a bug in OpenSSL meant that anybody (yes, anybody) could send a request to a server, and have the server reply with chunks of RAM that should never be accessible to the public. Even worse, those accesses never show up in logs.

It works pretty much like this:

The Heartbleed bug in a nutshell. (from XKCD http://xkcd.com/1354/ )

Mashable has a list of sites that are vulnerable, and Minecraft was one of them.

Change your Minecraft account password. Now. Seriously. Mojang even posted a notice on their blog about this flaw; it’s been patched but nobody knows what sort of account data could have been stolen.

That said, NGminecraft’s systems were never affected by this bug. I don’t have any sites that use SSL that can be accessed from the Internet, and Dynmap doesn’t even support encryption (why should it, it’s a map 🙂 ). Even if I did, I use Microsoft IIS which doesn’t rely on OpenSSL anyway.

Advertisements

NGminecraft is merging!

In the absence of any recent news, I’ve got an exciting new announcement!

NGminecraft is teaming up with FoxBlocks, the server that I mentioned in a previous blog post. Their admin team and I will be combining our strengths to create NGmineFoxCraftBlocks(tm)(r)(c)(tm)!

However, in order to save on resource costs, I will be moving the server to their admin’s network connection (a super-speedy 500 kilobit-per-second DSL line), and storing the files on a high-quality DVD-RW disk; none of that CD-R crap that we see too much of nowadays. All of this will be run on the latest Intel Atom-based Eee PC (the three Es means Eeexcellent performance 😀 ) to provide both speed and low power consumption.

I’m thrilled that the server has lasted for so long, as I’ve seen many other servers pop up only to wither soon after their creation. But now, with more hands on the poop deck, it’s nothing but smooth sailing from here.

-ginbot86

…april fools :3