TechSpot

Canadian law enforcement officials make first Heartbleed-related arrest

By Shawn Knight
Apr 16, 2014
Post New Reply
  1. The Royal Canadian Mounted Police in Canada have made the first of what is sure to be several more arrests related to the exploitation of the Heartbleed bug.

    Read more
     
  2. NotParker

    NotParker TS Member Posts: 22   +6

    There are numerous devices between the internet and a government webserver - like firewalls and routers and load balancers.

    The logs in those devices may have caught the intruder even if heartbleed itself allowed access to the 64K chunks of data on the webserver.
     
  3. wastedkill

    wastedkill TS Evangelist Posts: 1,392   +329

    Those Royal Canadian Mounted Police in Canada must have spent hours travelling to the UK JUST to catch that 1 guy..... Also this article needs more info as in we need to know how they found out about it and how they got juristiction to walk/fly to the UK and to arrest him.
     
  4. Great news, your post is very impressive. Your post helped me to increase knowledge about

    Heartbleed bug. Thanks to share such useful information with us.
     
  5. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 6,514   +2,059

    Next stop for this guy is San Quentin's gas chamber.
     
  6. stewi0001

    stewi0001 TS Evangelist Posts: 1,185   +530

    *cough* *cough* London, Ontario *cough* *cough* ;P
     
    spectrenad, SalaSSin and worker17 like this.
  7. Camikazi

    Camikazi TS Maniac Posts: 818   +231

    They flew there on their magnificent flying mooses of course, how else would they get around?
     
    wastedkill likes this.
  8. RenGood08

    RenGood08 TS Booster Posts: 185   +13

    Nice...that's great they found someone responsible for this recent vulnerability! no comment to the guy who thinks they went to England....
     
  9. RenGood08

    RenGood08 TS Booster Posts: 185   +13

    Hmmm...maybe not responsible...but are benefiting from this vulnerability...
     
  10. captaincranky

    captaincranky TechSpot Addict Posts: 11,703   +1,887

    Don't you mean the gallows in the tower of London? (Ontario)

    His death will be a grand affair when they hang, "The Man for All Algorithms".

    The after party will include an Henry the VIII impersonator, reciting the medley of his hit, "Greensleeves". (That's always a big hit with any current queen. It tends to put them in touch with their inner mortal self).
    Oops....:oops:

    You, like many others, seem to believe the myth in which The Royal Canadian Mounted Police, can walk on water. It's only Mayor Rob Ford of Toronto who is able to do that. You take his crack pipe off of him though, and he sinks like a stone...:eek:

    Oh well, who really knows very much aboot canadian geography anyhoo......AY? :D

    [​IMG]

    You're goddamned right they did!
     
    Last edited: Apr 19, 2014
    RenGood08 and Skidmarksdeluxe like this.
  11. jobeard

    jobeard TS Ambassador Posts: 9,348   +622

    Consider what we we know:
    (1) it's a secure SSL connection, so this requires a browser access, not ftp, telnet or some scripting bot
    (2) the server-side is where the flaw is located, and all web servers have error and access logs
    (3) the access log has the source IP address, the server status code (200 is a good reply), the file name of the resource that was requested and the size returned to the user in bytes of the reply.

    a quick scanning tool simply looks for size >= 64k


    @NotParker: router logs only capture source/destination and a small fragment of the data
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...