Follow Me

twitter_logo    facebook    G+    In

Subscribe via E-mail

 

Latest Posts

VOXOX Blog

Voxox Not Vulnerable to Heartbleed

Posted by Kevin Hertz on Tue, Apr 15, 2014 @ 03:35 PM

    

You've probably heard all the hubbub about "heartbleed," an exploit of the very commonly used openSSL library, which has the potential to leak up to 64k of SSL or TLS encrypted data passed in a heartbeat response. The Voxox IT team has run a full system assessment and is happy to report that we are not susceptible to the exploit.  

Heartbleed

The reason we are not susceptible is primarily based on our network design. Voxox does not have any servers running openSSL that are directly accessible from the public internet. Instead, we use SSL concentrators that act as a reverse proxy. We have confirmed with the manufacturer that the version of their system we use is not affected by the heartbleed exploit. 

That all being said, in the interest of good housekeeping, our team is currently patching every server that runs openSSL, even though they are not reachable from outside our network.

For a good list of passwords you should change right now, check out this list being kept up to date by Mashable.