Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
On Mon, Apr 14, 2014 at 11:22 PM, Joel Rees <email@example.com> wrote:
> On Mon, Apr 14, 2014 at 8:41 PM, Richard Hector <firstname.lastname@example.org>
>> The only local bank I've heard any info about is Kiwibank, who are
>> apparently not vulnerable due to running their systems on Windows.
> That's a laugh. Not vulnerable to this parade, but ...
Hey, it must be a relief for the Windows sysadmins to watch some
security news go through that they *don't* have to panic over. Gives
some presumably much-appreciated respite, while the rest of us go
checking all our stuff.
> Banks use RedHat quite extensively. OpenBSD shows up in odd places, even
> though keeping it maintained is a bit of a hassle.
Bear in mind that the only servers that matter are those that can be
accessed by end users via SSL. If, for instance, they have web servers
separate from database servers, the database servers can't (AFAIK) be
vulnerable to Heartbleed.