« News
Sep
25
Shellshock vulnerability
It has been widely reported that a long-standing vulnerability has recently become known, under the name Shellshock. We would like to quickly state that no Guild Software or Vendetta Online servers were vulnerable to this specific issue at any time, past or present. How is this possible? Frankly, a combination of good luck and preparation. Our server OS of choice does not include the vulnerable software by default (luck!). In addition, we secure individual exposed services using privilege limitations to drastically reduce the scope of a potential unforeseen compromise (each service can only access its own minimized footprint, and not the OS software); this would have helped to mitigate a compromise if one had been possible.
Security is a game of minimizing uncertainty and "possible" exposure, with no absolutes. Moving forward, we will continue to very carefully handle and defend any data that you share with our company. Thanks for your support.
Security is a game of minimizing uncertainty and "possible" exposure, with no absolutes. Moving forward, we will continue to very carefully handle and defend any data that you share with our company. Thanks for your support.