Linux.com

Home News Enterprise Computing Systems Management Heartbleed May Not Leak Private SSL Keys After All

Heartbleed May Not Leak Private SSL Keys After All

After this week's massive Heartbleed bug, one of the biggest concerns was that the bug might leak a website's private SSL keys, the key to the green lock that secures data sent to users. It's especially dangerous because, if an attacker did access the keys, they could be used even after the server was patched, allowing attacks months or even years in the future.

"If it is possible, it is at a minimum very hard."

But today, the content distribution network CloudFlare has announced Heartbleed may not allow access to those private keys after all. In two weeks of testing, the company has been unable to successfully access private keys with Heartbleed, suggesting the attack may not be possible at all. "If it is possible, it is at a minimum...

Continue reading…

Read more at The Verge
 

Comments

Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFD320 Linux Kernel Internals and Debugging
    03 Nov » 07 Nov - Virtual
    Details
  2. LFS416 Linux Security
    03 Nov » 06 Nov - Virtual
    Details
  3. LFS426 Linux Performance Tuning
    10 Nov » 13 Nov - Virtual
    Details

View All Upcoming Courses

Become an Individual Member
Check out the Friday Funnies

Sign Up For the Linux.com Newsletter


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board