Critical security vulnerability Heartbleed disclosed in OpenSSL

Shawn Knight

Posts: 12,297   +120
Staff member
The OpenSSL project on Tuesday disclosed a major security flaw called Heartbleed that could be used by those with malicious intent to spy on the "secret digital handshake" that takes place during secure transactions using Transport Layer Security (TLS) /...

[newwindow="https://www.techspot.com/news/56312-critical-security-vulnerability-heartbleed-disclosed-in-openssl.html"]Read more[/newwindow]
 
G

Guest

All VPNs just became useless ?

Just wondering, if the ssl connection to the servers arent secure, they won't need to ask who you are, they will know ?
 

Darth Shiv

Posts: 2,042   +624
All VPNs just became useless ?

Just wondering, if the ssl connection to the servers arent secure, they won't need to ask who you are, they will know ?
They have to be specifically trying to break into the VPN. If it is a major VPN provider, you probably will have a problem!
 
G

Guest

Well I asked the question of the VPN earlier, and to shiv who replied. I could imagine a little team from the MPAA / RIAA jumping on this like hot sauce, this is like a gift from the heavens for them is it not ? Regardless of how illegal their footing may be to do such a thing, they still would.

I understand not every site etc is affected or has been fixed to protect the sploit, apparently twitter google and a few others got on this, steam on the overhand apparently did not.
 

Darth Shiv

Posts: 2,042   +624
Well I asked the question of the VPN earlier, and to shiv who replied. I could imagine a little team from the MPAA / RIAA jumping on this like hot sauce, this is like a gift from the heavens for them is it not ? Regardless of how illegal their footing may be to do such a thing, they still would.

I understand not every site etc is affected or has been fixed to protect the sploit, apparently twitter google and a few others got on this, steam on the overhand apparently did not.
They couldn't use that information in court I wouldn't have thought... they would be guilty of hacking the servers.