Heartbleed bug - We Are Secure

Heartbleed bug - We Are Secure

Postby Ben Chiu » Thu Apr 10, 2014 8:32 pm

You may have read about the Heartbleed SSL bug that exposes user data the last couple of days. I just wanted to let everyone know that we are secure and have not ever been affected by this so all of our data remains secure.

If you want to read up more on this (many institutions are affected with is essentially a data breach of major proportions), here are a couple of good references:

http://www.washingtonpost.com/news/morning-mix/wp/2014/04/09/major-bug-called-heartbleed-exposes-data-across-the-internet/

http://heartbleed.com/
Ben
===============
~Imagining a world without hypothetical situations...
User avatar
Ben Chiu
Moderator
Moderator
 
Posts: 228
Joined: Fri Mar 29, 2013 5:47 pm
Location: San Luis Obsipo, CA

Re: Heartbleed bug - We Are Secure

Postby Ben Chiu » Sat Apr 12, 2014 12:09 pm

An additional note regarding Heartbleed, it looks like most of the bigger services had already patched their systems before the news about this bug was released, however, Yahoo (again) is caught behind the curve. I've always warned anyone with a Yahoo account that it was the worst regarding security!

(Full disclosure: I was formerly employed by MSN and Microsoft, competitors of Yahoo, but my opinions are based on my personal cumulative experiences and knowledge. I do have financial connection with the success of Microsoft, but this does not influence my opinion of Yahoo's security issues and implementation policy.)

If you're interested, read more about Heartbleed and Yahoo here:
http://www.cnet.com/news/how-to-protect-yourself-from-the-heartbleed-bug/
User avatar
Ben Chiu
Moderator
Moderator
 
Posts: 228
Joined: Fri Mar 29, 2013 5:47 pm
Location: San Luis Obsipo, CA

Re: Heartbleed bug - We Are Secure

Postby Ben Chiu » Mon Apr 14, 2014 3:09 pm

Pat sent me the following. It lists the 100 top sites and their status and recommendations regarding Heartbleed.

Heartbleed bug: Check which sites have been patched http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/

You can also check any web site using this online tool:
https://www.ssllabs.com/ssltest/index.html

In case you're interested we got an A. ;)
https://www.ssllabs.com/ssltest/analyze.html?d=alliancedigitalstudios.com
User avatar
Ben Chiu
Moderator
Moderator
 
Posts: 228
Joined: Fri Mar 29, 2013 5:47 pm
Location: San Luis Obsipo, CA


Return to Forum News

Who is online

Users browsing this forum: No registered users and 2 guests