re: #164 ericblair
Speaking of certificates, this news is a royal pain in the nethers:
If you noticed our server go away for a little while earlier today, it’s because we were patching OpenSSL to fix this bug.
But now we’ll need to install a new SSL certificate, because there’s no way to know if someone already grabbed our private keys by exploiting the “Heartbleed” bug. And the bug has been in the wild for almost 2 years. Ow. Ouch. Ooch. Not good.
When our new certificate is installed, I’m afraid the last step is going to be to ask everyone to change their passwords. I may have to require it somehow.
There’s nothing unusual about LGF in this — a lot of the biggest sites on the web are also affected, and nobody knows how many were actually compromised by this OpenSSL bug.