Dawnrazor.co.uk

Fields of the Nephilim Discussion Forum
It is currently Fri Oct 19, 2018 6:36 pm

All times are UTC [ DST ]




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: Not affected by Heartbleed then? Nice :)
PostPosted: Thu Apr 10, 2014 8:00 pm 
Offline
Dawnrazor

Joined: Sun Feb 15, 2009 3:51 am
Posts: 539
Due to recent event I ran a check on the https version of the forum - the site seems pretty well configured, thanks Mark :)

_________________
Night obliterates the day and all the fun begins
The Damned - Curtain Call


Citizen of a nation otherwise populated mainly by blinded, brain damaged xenophobes


Top
 Profile  
Reply with quote  
 Post subject: Re: Not affected by Heartbleed then? Nice :)
PostPosted: Fri Apr 11, 2014 3:46 am 
Offline
Leviathan
User avatar

Joined: Sun Jul 19, 2009 10:47 pm
Posts: 1178
Location: Full Circle (Cairo Mix)
No, it's not. It's just old. OpenSSL 0.9.8. :lol:

Schneier's comments on this are also great: https://www.schneier.com/blog/archives/ ... bleed.html

Plus those quotes:

"Has anyone looked at all the low-margin non-upgradable embedded systems that use OpenSSL? An upgrade path that involves the trash, a visit to Best Buy, and a credit card isn't going to be fun for anyone."

"I'm hearing that the CAs are completely clogged, trying to reissue so many new certificates. And I'm not sure we have anything close to the infrastructure necessary to revoke half a million certificates."


And all by adding a feature to OpenSSL which makes no sense at all. Brilliant!

Well, it was about time I change my own zillion passwords anyway.

_________________
"It's probably better to have him inside the tent pissing out, than outside the tent pissing in." -- Lyndon B. Johnson


Top
 Profile  
Reply with quote  
 Post subject: Re: Not affected by Heartbleed then? Nice :)
PostPosted: Mon May 12, 2014 11:12 pm 
Offline
Dawnrazor

Joined: Sun Feb 15, 2009 3:51 am
Posts: 539
markandre13 wrote:
No, it's not. It's just old. OpenSSL 0.9.8. :lol:
But still scores good on ssllabs feature test ;)
Quote:
And all by adding a feature to OpenSSL which makes no sense at all. Brilliant!
Yes, that was really great, bug due to an unnecessary/useless? extension of a feature that, as far as its primary function is concerened, is redundant anyway :mrgreen:

_________________
Night obliterates the day and all the fun begins
The Damned - Curtain Call


Citizen of a nation otherwise populated mainly by blinded, brain damaged xenophobes


Top
 Profile  
Reply with quote  
 Post subject: Re: Not affected by Heartbleed then? Nice :)
PostPosted: Thu Jun 05, 2014 4:34 pm 
Offline
Leviathan
User avatar

Joined: Sun Jul 19, 2009 10:47 pm
Posts: 1178
Location: Full Circle (Cairo Mix)
Now the https connection is really hit: http://www.openssl.org/news/secadv_20140605.txt
It's also bad timing because I'm off to the WGT.

_________________
"It's probably better to have him inside the tent pissing out, than outside the tent pissing in." -- Lyndon B. Johnson


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group