http://www.bloomberg.com/news/2014-04-1 ... d-bug.html
[quote]Millions of smartphones and tablets running Google Inc. (GOOG)’s Android operating system have the Heartbleed software bug, in a sign of how broadly the flaw extends beyond the Internet and into consumer devices.
While Google said in a blog post on April 9 that all versions of Android are immune to the flaw, it added that the “limited exception
Millions of Android Devices Vulnerable to Heartbleed Bug
-
- Posts: 1885
- Joined: Tue 05 Jun 2012, 12:17
- Location: Wisconsin USA
Here, another alert which suggest vulnerability. What should interest all of us is an explanation of how this 2 year item got there in the first place and which subsystems is it using for the breeches it is providing. I have seen much speculation and have witnessed several live reports from reporters with differing accounts on HeartBleed. Notice, that is this accounting, they share that old versions may have contracted HeartBleed.
Anyone, here, in this forum, want to use their own words to describe this bug and its manifestation? Could/Is HeartBleed in Puppy?
Anyone.
Anyone, here, in this forum, want to use their own words to describe this bug and its manifestation? Could/Is HeartBleed in Puppy?
Anyone.
Here is a more realistic view of the issue
The rest is interesting too as well as the links therein.Security vendor CloudFlare further roiled the pot by issuing a challenge to hackers to steal a server's private encryption key using the Heartbleed bug. Fedor Indutny of Moscow took nine hours to obtain the key,
....
32 thousand requests per second from a single user is highly suspicious since that would be about 100x more than the fastest Internet connections allow a real user to use.
....
Also lost in the initial panic over the fact that two-thirds of websites use OpenSSL was any breakdown of how many of the servers were running a version actually affected by the flaw -- a figure that some put at 17 percent.
...
Attacking the client, you'll probably only get a few chances. You're not going to be able to do a million requests because, remember, you're not asking the client or initiating the connection to the client to pump the data out.
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==
https://www.ssllabs.com/Anyone, here, in this forum, want to use their own words to describe this bug and its manifestation? Could/Is HeartBleed in Puppy? Idea
Anyone.
Use Test your Browser Button.
Mine.
YMMV from mine.SSL 2 handshake compatibility No
TLS compression No
Your user agent is not vulnerable.
Images Passive Yes
CSS Active No
Scripts Active No
XMLHttpRequest Active No
WebSockets Active No
Frames Active No
More information on this issue of Android 4.1.x, servers and OpenSSL
Hope this is helpful in understanding HeartBleed and its manifestation.
Hope this is helpful in understanding HeartBleed and its manifestation.