Keith Keller
2014-04-09 22:36:01 UTC
Those of us who know better already knew this: it's not just web sites
that could be vulnerable to the Heartbleed bug.
http://www.theregister.co.uk/2014/04/09/heartbleed_vuln_analysis
But there was an interesting list of web sites which were vulnerable as
of yesterday:
http://www.theregister.co.uk/2014/04/09/heartbleed_vuln_analysis
As Jeff noted, yahoo.com is no longer vulnerable; I would guess that
many of these sites have patched by now. And some sites are clearly
false reports: ebay.com, for example, must have some sort of SSL
support, probably on a different subdomain.
And, of course, some data is perfectly safe:
http://xkcd.com/1353/
--keith
that could be vulnerable to the Heartbleed bug.
http://www.theregister.co.uk/2014/04/09/heartbleed_vuln_analysis
But there was an interesting list of web sites which were vulnerable as
of yesterday:
http://www.theregister.co.uk/2014/04/09/heartbleed_vuln_analysis
As Jeff noted, yahoo.com is no longer vulnerable; I would guess that
many of these sites have patched by now. And some sites are clearly
false reports: ebay.com, for example, must have some sort of SSL
support, probably on a different subdomain.
And, of course, some data is perfectly safe:
http://xkcd.com/1353/
--keith
--
kkeller-***@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information
kkeller-***@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information