Ddating web site related 2 txt 2
Considering the long exposure, ease of exploitation and attacks leaving no trace this exposure should be taken seriously. Encryption is used to protect secrets that may harm your privacy or security if they leak.
In order to coordinate recovery from this bug we have classified the compromised secrets to four categories: 1) primary key material, 2) secondary key material and 3) protected content and 4) collateral.
SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the Open SSL software.
All this has to be done by the owners of the services.
Bug is in the Open SSL's implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520).
When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server.
We have tested some of our own services from attacker's perspective.
We attacked ourselves from outside, without leaving a trace.