Fedor Indutny, a core member of the node.js team, has proved that it is in fact possible for an attacker to sniff out the private SSL keys from a server left exposed by the Heartbleed bug. The proof came in response to a challenge from CloudFlare that called on the security community to grab the keys from a demo server. The public revelation of Heartbleed rocked the tech world earlier this week. The bug, an innocuous mistake in the “heartbeat” protocol of the critical SSL standard, had for years put the majority of the Web at risk of having exposed...
This story continues at The Next Web
from The Next Web http://ift.tt/1hs8kCC
via IFTTT
Posts
0 Kommentare:
Kommentar veröffentlichen