Schneier on Heartbleed
Source: Schneier on Security - Posted by Dave Wreski   
Cryptography Basically, an attacker can grab 64K of memory from a server. The attack leaves no trace, and can be done multiple times to grab a different random 64K of memory. This means that anything in memory -- SSL private keys, user keys, anything -- is vulnerable. And you have to assume that it is all compromised. All of it. "Catastrophic" is the right word. On the scale of 1 to 10, this is an 11. Half a million sites are vulnerable, including my own. Test your vulnerability here.

Read this full article at Schneier on Security

Only registered users can write comments.
Please login or register.

Powered by AkoComment!