1. Just because the server was patched as soon as it went public that doesn’t mean it was never vulnerable. The only way any site wasn’t vulnerable that has been using OpenSSL 0.9.8. This bug has been out in the open for almost 2 years. If the server was patched then the SSL certs should be revoked and reissued.

    Comment by AJ — April 15, 2014 @ 9:15 am

Leave a comment

Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Close this window.