Linux.com

Home News Enterprise Computing Systems Management Heartbleed May Not Leak Private SSL Keys After All

Heartbleed May Not Leak Private SSL Keys After All

After this week's massive Heartbleed bug, one of the biggest concerns was that the bug might leak a website's private SSL keys, the key to the green lock that secures data sent to users. It's especially dangerous because, if an attacker did access the keys, they could be used even after the server was patched, allowing attacks months or even years in the future.

"If it is possible, it is at a minimum very hard."

But today, the content distribution network CloudFlare has announced Heartbleed may not allow access to those private keys after all. In two weeks of testing, the company has been unable to successfully access private keys with Heartbleed, suggesting the attack may not be possible at all. "If it is possible, it is at a minimum...

Continue reading…

Read more at The Verge
 

Comments

Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFD211 Introduction to Linux for Developers
    08 Dec » 09 Dec - Virtual
    Details
  2. LFS220 Linux System Administration
    08 Dec » 11 Dec - Virtual
    Details
  3. LFD331 Developing Linux Device Drivers
    15 Dec » 19 Dec - Virtual
    Details

View All Upcoming Courses

Become an Individual Member
Check out the Friday Funnies

Sign Up For the Linux.com Newsletter


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board