Hello my friends,
I thought you might be interested in this article as well as a response in the StackOverflow community regarding my perspective on this Heartbleed Bug.
The best
(or important) part to know in the article is titled “Can heartbeat extension be disabled
during the TLS handshake?” This includes the ultimate answer that IT needs to
upgrade systems to a fixed OpenSSL version. Or, buy a trusted SSL certificate.
And, this is why I’m not worried about this bug – because I'm not using SSL anyways and, if I did, I would buy an SSL certificate from a trusted security company, and not
use OpenSSL.
Otherwise, we all Engineers would have panicked. ;-)
Cheers,
No comments:
Post a Comment