Serious bug in ubiquitous OpenSSL library: "Heartbleed"

• Previous message (by thread): Serious bug in ubiquitous OpenSSL library: "Heartbleed"
• Next message (by thread): Serious bug in ubiquitous OpenSSL library: "Heartbleed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 04/08/2014 09:46 PM, Rob Seastrom wrote:
> If that's true, you might want to consider immediately disconnecting
> your systems from the Internet and never re-connecting them.  After
> all, theres a lot of online unseen code testing your site already
> whether you like it or not.
>
> -r
>
Sending someone to a site with obscure TLDs of .io or .lv doesn't help 
in these situations. This is a perfect opportunity for someone to set up 
a drive by site to drop malware on someone's computer.

I'm not saying these sites did that but in order to see the code, 
someone would have to visit the site first. I personally would use wget 
instead of a browser for sites like these and did so in this situation.

And yes, your point is not lost on me, there are tons of sites that have 
obfuscated code and malware running on them, I know that.
--John

• Previous message (by thread): Serious bug in ubiquitous OpenSSL library: "Heartbleed"
• Next message (by thread): Serious bug in ubiquitous OpenSSL library: "Heartbleed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]