Home News Enterprise Computing Systems Management Heartbleed May Not Leak Private SSL Keys After All

Heartbleed May Not Leak Private SSL Keys After All

After this week's massive Heartbleed bug, one of the biggest concerns was that the bug might leak a website's private SSL keys, the key to the green lock that secures data sent to users. It's especially dangerous because, if an attacker did access the keys, they could be used even after the server was patched, allowing attacks months or even years in the future.

"If it is possible, it is at a minimum very hard."

But today, the content distribution network CloudFlare has announced Heartbleed may not allow access to those private keys after all. In two weeks of testing, the company has been unable to successfully access private keys with Heartbleed, suggesting the attack may not be possible at all. "If it is possible, it is at a minimum...

Continue reading…

Read more at The Verge


Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFS220 Linux System Administration
    30 Nov » 03 Dec - Virtual
  2. LFS416 Linux Security
    07 Dec » 10 Dec - Virtual
  3. LFD411 Embedded Linux Development
    07 Dec » 11 Dec - Atlanta

View All Upcoming Courses

Check out the Friday Funnies

Sign Up For the Newsletter

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Linux Training / Board