[Date Prev][Date Next][Subject Prev][Subject Next][ Date Index][ Subject Index]

Re: Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping



Isn't it significant, though, that this vulnerability has existed for two
years and that it hasn't been perceptibly exploited? The
announcement seems to have an agenda other than user safety (i.e. the
authors want to improve their credentials by publishing a sensational
paper).

At 09/04/2014 05:23, you wrote:
Here's the stuff of nightmares - off topic, but important to know about:

http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/ http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

That's the most detailed story, but it's running everywhere at this point - Reuters, CNN, NYT, WSJ etc

Lynn Brenner