Heartbleed is at the heart of controversy today. It is related to OpenSSL. What is OpenSSL and why it is a popular choice ? The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength […]
Continue reading »Heartbleed poses a serious security threat to websites using OpenSSL. Can it be fixed ? First, we must understand that Heartbleed bug does not affect all version of OpenSSL. Only version 1.0.1 through 1.0.1f with heartbeat extension are affected. Next, as almost 66% of websites are affected. It is best to change password. And if you are like me who rarely […]
Continue reading »Heartbleed take frontline news recently. It is a bug with OpenSSL, a very popular open source security layer. The question is : Why heartbleed matters ? Security It is a security bug. Meaning personal data are at risks. What leaks in practice? We have tested some of our own services from attacker’s perspective. We attacked ourselves from outside, without leaving […]
Continue reading »Heartbleed causes quite a lot of buzz. Heartbleed is a bug in OpenSSL, an open source project. The main reason for it to get quite a lot of publicity is because it is used by a lot of websites. So, this week, we are going to talk about Heartbleed, OpenSSL and Open Source. Stay tuned for Heartbleed articles this week.
Continue reading »