[General] Heartbleed Vulnerability

Hunter Fuller hfuller at pixilic.com
Tue Apr 8 14:29:29 CDT 2014


Home routers likely use it but they don't have any secure services running
usually. Cisco IOS is not vulnerable.

For certs, StartSSL is cheap or free, depending on your usage.

-- Hunter Fuller
On Apr 8, 2014 2:19 PM, "Arthur" <Arthur at cd-net.net> wrote:

> Does anyone have any idea about embedded devices like routers.
> For instance, does Cisco IOS use openssl?  How about home routers?
>
> Oh well, it was about time for me to get a new ssl cert anyways.  Can
> anyone recommend somewhere cheap?
> Because yeah, not only do you need to patch, you need to* revoke your old
> certs*.  That's how bad this is.
>
>
> On Tue, Apr 8, 2014 at 2:55 PM, Hunter Fuller <hfuller at pixilic.com> wrote:
>
>> I wanted everyone to know about this if they didn't already.
>>
>> http://heartbleed.com/
>> proof of concept: https://www.mattslifebytes.com/?p=533
>>
>> Even if you don't give a shit about computer security, please, please
>> take note of this. There are sites around the Web that are leaking
>> credentials like a sieve. UAH services were patched as of ~3am, however,
>> okcupid is still leaking credentials. I would advise not logging into okc,
>> or anything non-critical, until you can verify it's been patched.
>>
>> Surf safe.
>>
>> --
>> Hunter Fuller
>>
>>
>>
>> _______________________________________________
>> General mailing list
>> General at lists.makerslocal.org
>> http://lists.makerslocal.org/mailman/listinfo/general
>>
>
>
>
> --
> Sincerely,
> Arthur Moore
> (256) 277-1001
>
> _______________________________________________
> General mailing list
> General at lists.makerslocal.org
> http://lists.makerslocal.org/mailman/listinfo/general
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.makerslocal.org/pipermail/general/attachments/20140408/c277d5a9/attachment.html>


More information about the General mailing list