Security

Security | News, how-tos, features, reviews, and videos

Users, admins, developers: Here’s what to do about Heartbleed

Heartbleed is bad, but you can mitigate its damage, albeit via different approaches for users, admins, and developers

Apr 14, 2014 5 mins

Stop laying the blame for Heartbleed on open source

Security experts acknowledge that open source is the best model for crypto, so how do we drive improvements to the model for creating security-critical infrastructure?

Apr 14, 2014 7 mins

Encryption Open Source Security

Obama backs disclosing software vulnerabilities in most cases

The administration said information may be withheld for national security and law enforcement needs

Apr 14, 2014 3 mins

Application Security Careers Technology Industry

Tests confirm Heartbleed bug can expose server’s private key

Security company CloudFlare said the findings show how dangerous the OpenSSL bug is

Apr 14, 2014 3 mins

Data and Information Security Encryption Open Source

Akamai admits its OpenSSL patch was faulty, reissues keys

It took a security researcher 15 minutes to find a hole in Akamai's OpenSSL code tweak, used for a decade to shield customers from the Heartbleed bug

Apr 14, 2014 4 mins

Data and Information Security Encryption Open Source

Microsoft confirms it’s dropping Windows 8.1 support

Microsoft TechNet blog makes clear that Windows 8.1 will not be patched; users must get Windows 8.1 Update if they want security patches

Apr 14, 2014 4 mins

Patch Management Software Small and Medium Business Technology Industry

3 big lessons to learn from Heartbleed

The devastating OpenSSL vulnerability proves the importance of data center orchestration, the wisdom of running older versions, and the need to give back to the OpenSSL project

Apr 14, 2014 6 mins

Encryption Open Source Technology Industry