[Nottingham] You think https is secure !!!
Jason Irwin
jasonirwin73 at gmail.com
Tue Apr 8 12:29:41 UTC 2014
On 08/04/14 12:58, Paul wrote:
> I think you may find this article very interesting. It looks like all
> SSL secured connections have been vulnerable for some time.
> http://www.bbc.co.uk/news/technology-26935905
The bug seems to have existed for about 2 years, has been patched in
around 24 hours.
The code is walked through here:
http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html
After you've updated, the advice seems to be to get new x509 certs and
change any passwords that might have been exposed.
Going to be a long day/week for some people....
--
╔═════════════╦══════════════════════════════════════════╗
║ Jason Irwin ║ OpenPGP (GPG/PGP) Public Key: 0xD0C592B1 ║
║ ║ Import from hkp://subkeys.pgp.net ║
╚═════════════╩══════════════════════════════════════════╝
More information about the Nottingham
mailing list