Life · Reblog

Heartbleed Security Update

The Blog

Last week, a very serious bug in OpenSSL was disclosed.  OpenSSL, a set of open source tools to handle secure communication, is used by most Internet websites.  This bug, nicknamed Heartbleed, allowed an attacker to read sensitive information from vulnerable servers and possibly steal things like passwords, cookies, and encryption keys.

Was vulnerable to Heartbleed?

Yes. servers were running the latest version of OpenSSL, which was vulnerable. We generally run the latest version of OpenSSL to enable performance enhancements, such as SPDY, for our users. The non-vulnerable versions of OpenSSL were over two years old.

Has fixed the issue?

Yes. We patched all of our servers within a few hours of the public disclosure.

Has replaced all SSL certificates and private keys?

Yes. Out of an abundance of caution, we have replaced all of our SSL certificates, along with regenerating all of the associated…

View original post 98 more words


I'd love to hear from you...

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s