Advertisements

Wallet Manager Code Update

It is with great pain that I have to announce that my wallet manager code was compromised at an unknown time in the past. I haven’t spent too much time doing computer forensics because I believe that I was compromised on a previous VM that hosted my site in 2011, which has since been deleted in favor of a OS refresh.

Details about the compromise can be found on this stackoverflow.com post. If you have downloaded and are running a copy of my Wallet Manager, you will want to look at files in the /protected/models/ directory for the exploit code.

Going forward I am going to publish the Wallet Manager code to a public GitHub repository. My goal will be to secure the code, make it open source, and enable community contributions.

Advertisements