+1-416-273-6883 / +1-855-366-8444
hello@blendedperspectives.com

Heartbleed a été corrigé !

avril 9, 2014

Don’t worry there is no need to skip a beat! Heartbleed has been patched…

In response to patching up our HTTPS/SSL servers to 1.0.1g, we thought that we better make a public service announcement concerning Heartbleed. So here we go!

 

Heart

 

Although this response to The Heartbleed Bug which is affecting perhaps 2/3 of the internet, recently came to light:

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. Additionally,SSL/TLS provides communication security and privacy over the Internet for applications. These include the web, email, instant messaging (IM) and some virtual private networks (VPNs).

Therefore Heartbleed bug allows anyone on the Internet to read system memory of those protected by the vulnerable OpenSSL software. This compromises the secret keys used to identify service providers who encrypt traffic, and the login user details. This allows attackers to eavesdrop on communications, steal data directly from users and to impersonate.

This is perhaps the most serious bug to affect the internet and is so serious that the Government of Canada has shut down their Taxes website. Undoubtedly, given that we are in tax season, this underscores the severity of the issue.

CRA

 

Update: the CRA issued a statement that their systems were compromised: http://www.cra-arc.gc.ca/gncy/sttmnt2-eng.html.

In conclusion, we are glad that this has all blown over!

The Next Steps…

Blended Perspectives will contact customers that have previously shared SSL certificate keys separately.

If your organization needs Blended Perspectives to help mend your broken heart, contactez-nous.

– – –
Blended Perspectives est le plus grand partenaire de solutions Atlassian au Canada, offrant des services de conseil, d'hébergement géré, d'installation, de migration de données, d'optimisation des performances et de formation certifiée Atlassian.Nous disposons d'une expertise approfondie de tous les produits Atlassian, avec des experts certifiés couvrant l'ensemble du cycle de vie du SDLC, Service Desk et le soutien d'applications commerciales plus larges.
Fondée en 2007 après des années d'expérience au service de clients au Canada, en Europe, aux États-Unis et en Australie, Blended Perspectives a pour mission de permettre aux entreprises de libérer la puissance de leurs équipes et d'exploiter le véritable potentiel de leur activité grâce à des outils et des processus améliorés.

fr_CAFR
Partager ceci