Sour Grapes
Of course we're Fair and Balanced!

Opinions are the author's and are not necessarily shared by Blogger, SDF, my employer or my family, but they should be.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License.


Blog home
Blog archives
Web home
Contact
Legend Consulting
Justin's blog
(not updated since Aug 2009)

Entire web This site
Search this site (powered by FreeFind)

Blogs and such

e-mail lists

Other

Results of 2 Nov 2004 General Election (winners in bold; click on office for more detail)

Tools



since 12 Apr 2004

Locations of visitors to this page
Where in the world are visitors to this page located?
(Month-to-date totals since 15 July 2007)

2014-04-09

My heart bleeds for the World-Wide Web

This sounds like a HUGE disaster. My brother Glenn, who does security for a living, alerted me to this posting from yesterday on ars technica:

Lest readers think "catastrophic" is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet's Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the contents of confidential e-mails, and other sensitive data belonging to Yahoo Mail and almost certainly countless other services.

The current top two promoted comments combine to say:

On a scale of 1 to 10, I would say 11....

Even 11 is an understatement....

It is not enough to do new certificates. All of the old certificates could now be used for man in the middle attacks! 2/3rds of the Internets certificates potentially need to be blacklisted! This is a MAJOR disaster....

EVERY existing CA used on the internet may have to be black listed, and every single SSL certificate re-issued.

IMO SSL/TLS is now completely broken....

There's a website devoted to this problem as well. Click on the Heartbleed image to see it.


Original post by Namenlosen Trinker at 4/09/2014 04:51:00 PM Eastern time :: 0 comment(s) ::

0 comment(s):

Post a Comment



Blog home
 Blog archives
         2003
         2004
         2005
         2006
         2007
         2008
         2009
         2010
         2011
         2012
         2013

Justice (Civil Liberties, so-called Intellectual Property, Privacy & Secrecy); Politics & Government (International, National, State, Local); Humor (Irony & the Funny or Unusual); Science & Technology (Astronomy, Computers, the Internet, e-Voting, Crypto, Physics & Space); Communication (Books, Film, Media, Music & the English Language); Economics (Corporatism & Consumerism); and Items of Purely Personal Note (including Genealogy, Photography, Religion & Spirituality).