By John Gruber
Infolio — No-nonsense task management and team collaboration
- Researcher Proves Heartbleed Bug Exposes Private SSL Keys
-
Josh Ong, reporting for The Next Web:
Fedor Indutny, a core member of the node.js team, has proved that it is in fact possible for an attacker to sniff out the private SSL keys from a server left exposed by the Heartbleed bug. The proof came in response to a challenge from CloudFlare that called on the security community to grab the keys from a demo server.
★ Saturday, 12 April 2014