This is a very, very serious bug in OpenSSL, that allows someone to pull info off a OpenSSL server connection.
Edit: Hawk has addressed the Issue, see bellow.
http://heartbleed.com/
Heartbleed
Heartbleed
Last edited by AMD 103 on Wed Apr 09, 2014 9:15 pm, edited 1 time in total.
Re: Heartbleed
Well the good news is there isn't too much info they could steal from a site like this. There are also various versions of OpenSSL so not all sites that use it are vulnerable either.
Some of the biggest sites to use it are yahoo.com and flickr (of course now owned by yahoo)
http://gizmodo.com/heartbleed-why-the-i ... 1560812671 There's a link to a list on this article of some various sites that are/were vulnerable. Many sites have already fixed the problem the same day the articles about there being a problem came out. I read one article somewhere that said some companies knew about this for awhile but as it didn't affect things too badly (i.e. they didn't have to worry about credit card numbers being stolen) they didn't feel the need to fix it right away.
Some of the biggest sites to use it are yahoo.com and flickr (of course now owned by yahoo)
http://gizmodo.com/heartbleed-why-the-i ... 1560812671 There's a link to a list on this article of some various sites that are/were vulnerable. Many sites have already fixed the problem the same day the articles about there being a problem came out. I read one article somewhere that said some companies knew about this for awhile but as it didn't affect things too badly (i.e. they didn't have to worry about credit card numbers being stolen) they didn't feel the need to fix it right away.
Re: Heartbleed
I don't use OpenSSL (or any SSL for that matter) on this site or any of my sites, and I don't believe there's any other sites on this small server that use OpenSSL.
Nothing for me to worry about.
Nothing for me to worry about.
Hawk
Re: Heartbleed
I just emailed the server tech and he says the SSL he uses is not vulnerable to this issue.
Hawk
Re: Heartbleed
Thanks for confirming that Hawk.