back to article Interweb has staunched nearly all Heartbleed wounds, says crypto bod

The Heartbleed password-leaking vulnerability in OpenSSL has almost been eradicated from the web just weeks after its discovery, according to an encryption expert. Ivan Ristic, director of engineering at cloud security firm Qualys, estimates that 25 per cent of websites worldwide were vulnerable to the data-disclosing bug on 8 …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    DD-WRT

    Just waiting for firmware update on DD-WRT for my router and everything will be back to "normal". But nothing is really "normal" on the interweb.

    1. Anonymous Coward
      Anonymous Coward

      Re: DD-WRT

      DD-WRT was fixed a while back.

      Their website is full of pointless ajax and it's bloody hard to find the current firmwares. It's via the "other downloads" link in the router database.

      1. Anonymous Coward
        Anonymous Coward

        Re: DD-WRT

        You need to enter the Router database to find firmware.

        I found new firmware released April 22nd which installed without problems.

        1. Anonymous Coward
          Anonymous Coward

          Re: DD-WRT

          And here I sit with a 2012 DD-WRT router bought in 2013 running firmware from 2008 with no updates available.

          Thanks Buffalo, you useless shits. Never again will I buy your garbage.

  2. A Non e-mouse Silver badge

    Patch Vs New Feature

    Heartbleed was fixed quickly because it was a (simple) source patch to apply.

    It took TLS 1.2 years to become standard because that's a new feature and requires new libraries and so on to support it. You'd only get it once your distro supported it and you updated to the new distro, or if you manually supply (e.g compile from source) OpenSSL.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2020