Two Takes View TECHi Stance

Hackers can now see private discussions thanks to an OpenSSL bug

TECHi's Author
Opposing Author Arstechnica Read Source Article
Last Updated
Arstechnica
Arstechnica View all Arstechnica Two Takes by TECHi Read the original story Published June 6, 2014
TECHi's Take
Jesseb Shiloh
Jesseb Shiloh
  • Words 99
  • Estimated Read 1 min

The world hasn’t yet recovered from the Heartbleed vulnerability in OpenSSL and now there’s news of a new bug affecting the popular open-source security package. This recently announced, and already patched, exploit could allow an attacker to see and modify traffic between an OpenSSL client and an OpenSSL server. This sounds worse than it really is. The extent of the issue is extremely limited because we’re talking about specific versions of OpenSSL server. Plus, you need to be using that same server software on a client application, and the attack itself is quite a complicated affair.

Arstechnica

Arstechnica

  • Words 135
  • Estimated Read 1 min
Read Article

A researcher has uncovered another severe vulnerability in the OpenSSL cryptographic library. It allows attackers to decrypt and modify Web, e-mail, and virtual private network traffic protected by the transport layer security (TLS) protocol, the Internet’s most widely used method for encrypting traffic traveling between end users and servers. The TLS bypass exploits work only when traffic is sent or received by a server running OpenSSL 1.0.1 and 1.0.2-beta1, maintainers of the open-source library warned in an advisory published Thursday. The advisory went on to say that servers running a version earlier than 1.0.1 should update as a precaution. The vulnerability has existed since the first release of OpenSSL, some 16 years ago. Library updates are available on the front page of the OpenSSL website. People who administer servers running OpenSSL should update as soon as possible.

Source

NOTE: TECHi Two-Takes are the stories we have chosen from the web along with a little bit of our opinion in a paragraph. Please check the original story in the Source Button below.

Balanced Perspective

TECHi weighs both sides before reaching a conclusion.

TECHi’s editorial take above outlines the reasoning that supports this position.

More Two Takes from Arstechnica

The FCC has approved America’s strongest-ever net neutrality rules
The FCC has approved America’s strongest-ever net neutrality rules
Carl
Carl

The strongest net neutrality rules that the United States has ever seen were approved by the FCC in a highly-anticipated…

Yahoo argues about crypto backdoors with the NSA
Yahoo argues about crypto backdoors with the NSA
Louie
Louie

It's been almost a year and a half since it was revealed that the NSA installed backdoors into several common cryptography…

The founder of 4chan has decided to leave the website
The founder of 4chan has decided to leave the website
Jesseb
Jesseb

Regardless of how you feel about 4chan, you can't deny how important the website has been in making the internet what…

T-Mobile introduces a brilliant new data rollover program
T-Mobile introduces a brilliant new data rollover program
Rocco
Rocco

T-Mobile may be an “Un-carrier” but it’s not a charity, it’s here to make money. So while its new Data Stash…