[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 08/04/14 19:39, Martijn Grooten wrote: > > I was going to send you this post and the discussion below: > > http://blog.cloudflare.com/staying-ahead-of-openssl-vulnerabilities > > but perhaps you've read it already. My comments on the page are a bit of a give away ;) I was patching servers, and learning about TLS most of the day. That there is more for me to learn about TLS is probably the root of the problem, it is too complex. >>>> http://filippo.io/Heartbleed/ >>> >>> This one gives false positives. >> >> You sure. I had one I suspected as a false positive, but otherwise it >> seems reliable. > > It now says "There should not be false results anymore" so I had good > reason to be sure, but it's probably been fixed. I know it was giving false negatives when overloaded. It's evolved a fair bit today - hats off to the guy for delivering it so fast and scaling it during the day. My efforts at devops pale in comparison. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq