Heartbleed and OpenSSL


Heartbleed is a pretty nasty security bug. Thankfully it can be fixed by a quick package update (unless you’re mod_spdy, among other culprits; this one got me briefly). Then, for good measure, revoke certs and reissue to make sure nothing is left to chance. Need to make sure everything built on OpenSSL is not impacted.

While at it, I made a few tweaks to SSL configurations to hopefully let more traffic use Forward Secrecy, which is a step forward.

What’s disappointing is that security researchers, rather than let vendors have a few days to update and push fixes, decided to get a domain name and spiffy graphic, then 0 day the internet. Not terribly professional.
