[Nottingham] You think https is secure !!!
Kurtis Brown
me at kurt.is
Tue Apr 8 12:37:14 UTC 2014
Yep some really big sites are still wide open, many returning plain text
usernames and passwords etc.
You can check your own site @ http://filippo.io/Heartbleed/
Cheers
Kurtis
On Tue, Apr 8, 2014 at 1:28 PM, Jason Irwin <jasonirwin73 at gmail.com> wrote:
> On 08/04/14 12:58, Paul wrote:
> > I think you may find this article very interesting. It looks like all
> > SSL secured connections have been vulnerable for some time.
> > http://www.bbc.co.uk/news/technology-26935905
> The bug seems to have existed for about 2 years, has been patched in
> around 24 hours.
>
> The code is walked through here:
> http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html
>
> After you've updated, the advice seems to be to get new x509 certs and
> change any passwords that might have been exposed.
>
> Going to be a long day/week for some people....
>
> --
> ╔═════════════╦══════════════════════════════════════════╗
> ║ Jason Irwin ║ OpenPGP (GPG/PGP) Public Key: 0xD0C592B1 ║
> ║ ║ Import from hkp://subkeys.pgp.net ║
> ╚═════════════╩══════════════════════════════════════════╝
>
> _______________________________________________
> Nottingham mailing list
> Nottingham at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/nottingham
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/nottingham/attachments/20140408/46b7386c/attachment.html>
More information about the Nottingham
mailing list