Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
On 4/14/2014 5:53 AM, Jochen Spieker wrote:
> Stan Hoeppner:
>> On 4/13/2014 10:03 PM, Chris Bannister wrote:
>>> Then there is also the very serious issue of embedded devices using
>>> openssl. Tablets, smartphones, routers, ... etc. etc.
>> This problem only exists *if* these devices connect to a compromised or
>> rogue host via SSL/TLS *and* the user hasn't reset and/or deleted
>> locally cached usernames and passwords.
> That is not the whole truth.
Yes, this is the whole truth.
> It has by now been shown that certificates
> and private keys were at risk for two years. You are affected by this
> bug if your browser (or any other SSL/TLS client) does not properly
> check for certificate revocations or if you try to visit a previously
> vulnerable system whose certificate was not revoked for some reason.
Hence my statement above: "connect to a compromised or rogue host"
>> So, no, definitely not on the impact scale of Y2K. That affected
>> *everyone* whereas this does not. Anyone using an MS Windows PC, which
>> is the majority of the planet, whose financial institutions do not use
>> OpenSSL, is entirely safe from this bug.
> No. This applies to everyone who is using sites that previously used a
> vulnerable version of OpenSSL. Since I generally cannot know which
> software is used by a specific site, I tend to go as far as concluding
> that any certificate from before 2014-04-08 may be stolen.
Intentionally quoting me out of context and then attempting to "correct"
my factual statements, without adding anything constructive to the
thread. That's trolling.
> BTW, you shouldn't focus only on banks either. There are a lot of
> popular services that use free software a lot, some of which happen to
> include payment functionality.
I was not "focusing on banks". I replied to Chris Bannister's statement
regarding *his bank*, which you snipped, again intentionally deleting
context in order to be a contrarian.
Might have to add you to the kill file...