What the HeartBleed Attack Really Means: http://www.newyorker.com/online/blogs/elements/2014/04/the-internets-telltale-heartbleed.html
On Thu, Apr 10, 2014 at 11:24 AM, John Sessoms <[email protected]> wrote: > Be nice if that was in a printable format. > > I am *NOT* happy with *ANY* computers, computer companies or software of > any way shape or form this morning. > > > On 4/10/2014 9:55 AM, Bruce Walker wrote: >> >> That site has been swamped with requests and times-out before >> returning an answer. But this articles lists common sites and their >> vulnerability or not: >> >> http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/ >> >> >> On Wed, Apr 9, 2014 at 11:11 AM, Darren Addy <[email protected]> >> wrote: >>> >>> If you want to test your bank's web site (for example), just replace >>> the domain name here: >>> http://filippo.io/Heartbleed/ >>> >>> I believe you either need to begin the URL with https: OR leave the >>> :443 (port number) in that field. Assuming they are running SSL on >>> standard port. >>> >>> >>> >>> On Wed, Apr 9, 2014 at 12:08 AM, David Mann <[email protected]> wrote: >>>> >>>> My server is fine as well. Glad I had been procrastinating with an >>>> upgrade, now I have an excuse to wait a bit longer :D >>>> >>>> Cheers, >>>> Dave >>>> >>>> On Apr 9, 2014, at 3:20 am, Tim Bray <[email protected]> wrote: >>>> >>>>> Yeah, you're right; e.g. my own tbray.org server is fine because it's >>>>> been up for 1080 days and has openssl 0.9.8. My estimation of NSA's >>>>> cleverness is a little lower than yours, I bet it was a surprise to >>>>> them too. Someone should ask Snowden ;) >>>>> >>>>> On Tue, Apr 8, 2014 at 7:51 AM, Igor Roshchin <[email protected]> wrote: >>>>>> >>>>>> >>>>>> Tim, >>>>>> >>>>>> Thanks a lot for the heads-up. >>>>>> Apparently, I saw it here before I saw it through the "proper" >>>>>> channels. >>>>>> >>>>>> Strictly speaking it is not a "zero-day", as it was introduced in the >>>>>> version 1.0.1, and the earlier versions are not vulnerable. >>>>>> (I haven't seen any discussion of this yet, but I wouldn't be too >>>>>> surprised if the NSA had known about this bug way before the >>>>>> disclosure.) >>>>>> >>>>>> Cheers, >>>>>> >>>>>> Igor >>>>>> >>>>>> >>>>>> On 4/7/2014 8:13 PM, Tim Bray wrote: >>>>>>> >>>>>>> In the unlikely event that any of you run https-enabled web sites and >>>>>>> haven't visited heartbleed.com today, get thee over there post-haste >>>>>>> and find out what version of OpenSSL you're running and consider >>>>>>> replacing your certs, stat. >>>>>>> >>>>>>> I'm not sure I've ever seen a more damaging zero-day. >>>>>>> >>>>>> >>>>>> -- >>>>>> PDML Pentax-Discuss Mail List >>>>>> [email protected] >>>>>> http://pdml.net/mailman/listinfo/pdml_pdml.net >>>>>> to UNSUBSCRIBE from the PDML, please visit the link directly above and >>>>>> follow the directions. >>>>> >>>>> >>>>> -- >>>>> PDML Pentax-Discuss Mail List >>>>> [email protected] >>>>> http://pdml.net/mailman/listinfo/pdml_pdml.net >>>>> to UNSUBSCRIBE from the PDML, please visit the link directly above and >>>>> follow the directions. >>>> >>>> >>>> >>>> -- >>>> PDML Pentax-Discuss Mail List >>>> [email protected] >>>> http://pdml.net/mailman/listinfo/pdml_pdml.net >>>> to UNSUBSCRIBE from the PDML, please visit the link directly above and >>>> follow the directions. >>> >>> >>> >>> >>> -- >>> Photographers must learn not to be ashamed to have their photographs >>> look like photographs. >>> ~ Alfred Stieglitz >>> >>> -- >>> PDML Pentax-Discuss Mail List >>> [email protected] >>> http://pdml.net/mailman/listinfo/pdml_pdml.net >>> to UNSUBSCRIBE from the PDML, please visit the link directly above and >>> follow the directions. >> >> >> >> > > -- > PDML Pentax-Discuss Mail List > [email protected] > http://pdml.net/mailman/listinfo/pdml_pdml.net > to UNSUBSCRIBE from the PDML, please visit the link directly above and > follow the directions. -- Photographers must learn not to be ashamed to have their photographs look like photographs. ~ Alfred Stieglitz -- PDML Pentax-Discuss Mail List [email protected] http://pdml.net/mailman/listinfo/pdml_pdml.net to UNSUBSCRIBE from the PDML, please visit the link directly above and follow the directions.
