Blog

Heartbleed – Securities death

openssl-logo

HeartBleed is probably the worst vulnerability ever seen on the internet. SSL is the only layer of protection, when transferring confidential documents on the word wide web. When it’s vulnerable, nothing is safe. I’m happy to say that all Tuxxin Inc. services and client services have been patched, but from what I’m reading online this could of been done much sooner. OpenSSL didn’t publicly announce the vulnerability for over a week! However, certain companies were given this knowledge and patched it prior to it becoming public knowledge. This shouldn’t be allowed! The very moment the vulnerability was found, it should of been public knowledge. Millions of people worldwide were unknowingly passing important information over non secure lines for who knows how long. Just about every service relies on OpenSSL, including but not limited to credit card transactions, emails, FTP, SSH and VPN’s. The impact from this threat could be catastrophic.

Share Button
Tagged with: , ,

Comment Area

Comment

Leave a Reply

Your email address will not be published.

Time limit is exhausted. Please reload the CAPTCHA.

Loading Facebook Comments ...