Don’t worry there is no need to skip a beat! Heartbleed has been patched…
In response to patching up our HTTPS/SSL servers to 1.0.1g, we thought that we better make a public service announcement concerning Heartbleed. So here we go!
Although this response to The Heartbleed Bug which is affecting perhaps 2/3 of the internet, recently came to light:
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. Additionally,SSL/TLS provides communication security and privacy over the Internet for applications. These include the web, email, instant messaging (IM) and some virtual private networks (VPNs).
Therefore Heartbleed bug allows anyone on the Internet to read system memory of those protected by the vulnerable OpenSSL software. This compromises the secret keys used to identify service providers who encrypt traffic, and the login user details. This allows attackers to eavesdrop on communications, steal data directly from users and to impersonate.
This is perhaps the most serious bug to affect the internet and is so serious that the Government of Canada has shut down their Taxes website. Undoubtedly, given that we are in tax season, this underscores the severity of the issue.
Update: the CRA issued a statement that their systems were compromised: http://www.cra-arc.gc.ca/gncy/sttmnt2-eng.html.
In conclusion, we are glad that this has all blown over!
The Next Steps…
Blended Perspectives will contact customers that have previously shared SSL certificate keys separately.
If your organization needs Blended Perspectives to help mend your broken heart, contact us.
– – –
Blended Perspectives is Canada’s largest Atlassian Solution Partner providing Consulting, Managed Hosting, Installation, Data Migration, Performance Tuning and Certified Atlassian training. We have deep expertise in all Atlassian products with certified experts covering the full lifecycle for SDLC, Service Desk and broader business application support.
Founded in 2007 after years of experience serving clients in Canada, Europe, USA and Australia; Blended Perspectives’ mission is to enable Corporations to unleash the power of their teams and to leverage the true potential of their business via enhanced tools and processes.