Anatomy of OpenSSL's Heartbleed

Marc · Apr 10, 2014

Since I never saw a need for SSL, Elsmar isn't affected. For those of you who wonder what it is, this is a good read: Anatomy of OpenSSL's Heartbleed

You might also be interested in PCs, phones and more under threat

BTW - It isn't a "virus", worm" or even a program. SSL (Secure Socket Layer) is a library, and the "bug" has been known for more than 2 years.

the article said:
Security penetration testers are going to find themselves in work “through 2020” with this bug, Williams said, and noted that it's going to be hard to identify vulnerabilities in some environments. For example, he said, it's going to be hard to tell if Windows client programs were compiled against vulnerable OpenSSL versions.

And that's not to mention all the "non-port-443" software that might be compiled to vulnerable versions of OpenSSL - e-mail servers, databases, LDAP services, and so on.

Stijloor · Apr 16, 2014

A Quick Bump!

In case you missed this post.

Mikishots · Apr 16, 2014

Marc said:
Since I never saw a need for SSL, Elsmar isn't affected. For those of you who wonder what it is, this is a good read: Anatomy of OpenSSL's Heartbleed

You might also be interested in PCs, phones and more under threat

BTW - It isn't a "virus", worm" or even a program. SSL (Secure Socket Layer) is a library, and the "bug" has been known for more than 2 years.

Yep, this resulted in the Canada Revenue Agency shutting down their taxation site for a few days over the weekend, so one was able to file their taxes electronically during this time. In Canada, personal income tax reporting is due at the end of April, but the govt has graciously allowed us to keep our hard-earned money for an extra five days. :agree1:

Anatomy of OpenSSL's Heartbleed

Marc

Fully vaccinated are you?

Stijloor

Mikishots

Similar threads