Heartbleed – Securities death
HeartBleed is probably the worst vulnerability ever seen on the internet. SSL is the only layer of protection, when transferring confidential documents on the word wide web. When it’s vulnerable, nothing is safe. I’m happy to say that all Tuxxin Inc. services and client services have been patched, but from what I’m reading online this could of been done much sooner. OpenSSL didn’t publicly announce the vulnerability for over a week! However, certain companies were given this knowledge and patched it prior to it becoming public knowledge. This shouldn’t be allowed! The very moment the vulnerability was found, it should of been public knowledge. Millions of people worldwide were unknowingly passing important information over non secure lines for who knows how long. Just about every service relies on OpenSSL, including but not limited to credit card transactions, emails, FTP, SSH and VPN’s. The impact from this threat could be catastrophic.
If #heartbleed doesn't affect you, you're Amish.
— Anonymous (@YourAnonNews) April 9, 2014
— Claudio (@botherder) April 9, 2014
— Robert Love (@rlove) April 9, 2014
Search for processes still using old OpenSSL #heartbleed : grep -l 'libssl.*deleted' /proc/*/maps | tr -cd 0-9\\n | xargs -r ps u
— jekil (@jekil) April 9, 2014
— Orlando Sentinel (@orlandosentinel) April 9, 2014