Re: Serious OpenSSL vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 4/10/2014 5:32 PM, g wrote:
> 
> 
> On 04/11/14 02:14, David wrote:
> <<>> On 4/10/2014 3:49 PM, g wrote:
> 
>>> would you have a suggestion of a link that give a good detailed
>>> description of what bug is all about and how some sites are effected
>>> while others are not?
>>
>> Sure. Explained as simply (non geeky) as i have seen.
>>
>> "The Heartbleed Bug"
>>
>> <http://heartbleed.com/>
> 
> ok. been there. read it.
> 
> in following the links in the "theatlantic.com/technology/" article,
> mainly;
> 
>   https://lastpass.com/heartbleed/
>   http://possible.lv/tools/hb/
>   https://www.ssllabs.com/ssltest/
> 
> my main concern for security is with my bank, and norton/symantec,
> which at all 3 of above links;
> 
>  bank = 'not vulnerable', and ssllabs gives a "B"
> 
>  us.norton = 'not vulnerable', and ssllabs gives a "F"
> 
>  symantec.com = "Warning: Inconsistent server configuration"
>    and grades of "F", "B", "B"
> 
>  grc.com = "A+", "A+"
> 
> with above, i do not believe i will worry about my passwords
> for tech support groups that i subscribe.
> 
> like, what would some crazy do with such anyway?
> 
> layout for passwords for above 4 sites is totally different
> from what i use for support groups and non tech list.
> 
> to quote a childhood idle, Alfred E Newman, "What? Me worry?"
> 
> 
> thanks. have a great one.
> 
> 


Sure. I would not really *greatly* care about tech sites password. I
would be (was) concerned about my 'money' sites. The sites had to used
openssl. Which would be any Apache and another one that I can not recall
at the moment.

But? This time the 'ten feet tall and bullet proof because I use Linux'
Bull$$hit failed. This one is Linux centered. Period. A programer
created this and added it to the code. And 'free and a no money'
supported program mistake not caught for about two years.


IMHO? The problem with 'free is that you get what you pay for in the
end. A group of nice people working part time for nothing. No real
resources. People with real jobs that pay. Families. And 'part time
support'. I tip my hat but? Sad.

-- 

  David
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux