X-Git-Url: https://jfr.im/git/irc/freenode/web-7.0.git/blobdiff_plain/9f71a395db5a63f93759d71910a93821e20fb56f..2be4b00cb7a62b5a9a38bbd58ccbc4e9303e6d20:/content/news/2014-04-15-heartbleed.md diff --git a/content/news/2014-04-15-heartbleed.md b/content/news/2014-04-15-heartbleed.md index 0eff1b422..e1d33ec65 100644 --- a/content/news/2014-04-15-heartbleed.md +++ b/content/news/2014-04-15-heartbleed.md @@ -1,3 +1,4 @@ +--- author: Pricey date: 2014-04-15 18:52:05+00:00 slug: heartbleed @@ -5,6 +6,8 @@ title: Heartbleed category: infrastructure category: security category: technical +imported: yes +robots: noindex --- The recently exposed [heartbleed bug](http://heartbleed.com/) in the OpenSSL library has surprised everyone with a [catastrophic](https://www.schneier.com/blog/archives/2014/04/heartbleed.html) vulnerability in many of the world's secure systems. @@ -16,20 +19,19 @@ Because of these two recent issues, we would like to make the following recommen - + * Though we are not aware of any evidence that we have been targeted, or our private key compromised, [this is inevitably a possibility](https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013). SSL sessions established prior to 2014/04/12 may be vulnerable. If your current connection was established prior to this date via ssl then you should** consider reconnecting to the network. ** - - * **We would advise that users reset their password** (after reconnecting) using instructions returned by the following command: + * **We would advise that users reset their password** (after reconnecting) using instructions returned by the following command: -
/msg nickserv help set password
+> /msg nickserv help set password @@ -40,34 +42,34 @@ This should help ensure that if your password was compromised through an exploit - + * In line with general best practice, we would always recommend using separate passwords on separate systems - if you shared your freenode services password with other systems, you should **change your password on all of these systems**; preferably into individual ones. - + * If you use CertFP, you should **regenerate your client certificate** ([instructions](http://freenode.net/certfp/makecert.shtml)) ****and ensure that you update NickServ with the new certificate hash. You can find out how to do this using the following command: -
/msg nickserv help cert
+> /msg nickserv help cert + - * Having changed passwords and/or certificate hashes, it cannot hurt to **verify your other authentication methods** (such as [email](http://blog.freenode.net/2013/08/check-your-nickserv-email/), ACCESS or CERT). It is possible you have additional access methods configured either from past use or (less likely) due to an account compromise. - + * At the recommendation of the Tor Project, we have regenerated private keys for our hidden services. [The new list of addresses is now available on our website](http://freenode.net/irc_servers.shtml#tor). **Please update your tor configuration!** - + * Finally, it is worth noting that although probably the least likely attack vector, [Heartbleed can also be used as client-side attack](https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013), i.e. if you are still running a vulnerable client a server could attack you. This could be a viable attack if, for instance, you connect to a malicious IRC server and freenode at the same time; hypothetically the malicious IRC server could then attack your client and steal your IRC password or other data. If affected, you should** ensure your OpenSSL install is updated and not vulnerable then restart your client**.
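Review bot: In the `@@ -5,6 +6,8 @@` hunk, the added `robots: noindex` will keep this Heartbleed advisory out of search results, which works against a notice that asks every user to reconnect and reset their password; if `imported: yes` is meant to mark content migrated from the old blog rather than to hide it, consider dropping `noindex` for security announcements. The same hunk's unchanged context also shows `category: infrastructure`, `category: security` and `category: technical` as three separate scalar keys, which a YAML mapping cannot hold: parsers will either reject the front matter or keep only the last value (`technical`). A list form for the categories, if the site generator supports one, would preserve all three.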
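Review bot: In the `@@ -16,20 +19,19 @@` hunk, replacing the `<pre>` block with `+> /msg nickserv help set password` turns the command into a Markdown blockquote, so it renders as quoted prose rather than as a literal command to type; a fenced code block or inline backticks would keep the monospace rendering the original `<pre>` provided and avoid any smart-quote or wrapping changes to the command text. While this hunk is being touched, the unchanged context line `you should** consider reconnecting to the network. **` has its opening `**` glued to `should` and a space before the closing `**`, so the intended bold will not render; moving the markers to `you should **consider reconnecting to the network.**` fixes it.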
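Review bot: In the `@@ -40,34 +42,34 @@` hunk, the new `+> /msg nickserv help cert` has the same blockquote-versus-code issue as the password command above and should use the same fix for consistency. Two bold-marker defects in this hunk's unchanged context are worth cleaning up in the same commit: `**regenerate your client certificate** ([instructions](...)) ****and ensure` contains four stray asterisks that will render literally, and the closing sentence `you should** ensure your OpenSSL install is updated and not vulnerable then restart your client**` has the opening `**` attached to `should`, so that emphasis will not render either.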