shallowdeep
Posts: 343
Joined: 9/1/2006 From: California Status: offline
|
quote:
ORIGINAL: maidtessa Does Collarme use the technologies affected by heartbleed… No. Collarme does not provide encrypted connections and therefore makes no use of OpenSSL. quote:
…in which case has the site been fixed yet, so our data is secured? Since OpenSSL isn’t used, the server would not have been vulnerable to leaking login credentials or other sensitive data from memory to someone making malicious requests and no fix for Heartbleed was required. That said, it’s worth noting that communication with the site is not secured with any form of encryption, OpenSSL-based or otherwise, so you should only access the site from networks you trust completely if you are worried about data security, as the connection is susceptible to eavesdropping and man-in-the-middle attacks. quote:
ORIGINAL: NiceButMeanGirl What is the heartbleed bug? It is a serious bug that affected the OpenSSL software used by many websites and other online services to provide secure, encrypted connections. See: http://heartbleed.com/ or, for a simple explanation of how the bug works, http://xkcd.com/1354/
|