OBiTALK Community

General Support => OBiTALK Web Portal => Topic started by: st167 on April 09, 2014, 05:47:40 PM

Title: obitalk.com affected by heartbleed bug ??
Post by: st167 on April 09, 2014, 05:47:40 PM
Looks like www.obitalk.com is affected by heartbleed bug.
I'm no expert in all these but any idea if it's true or not? and if yes, then I hope OBi people are working to fix it.

Time to change password !  :'(

https://www.ssllabs.com/ssltest/analyze.html?d=obitalk.com
Title: Re: obitalk.com affected by heartbleed bug ??
Post by: wvoc on April 19, 2014, 11:14:18 AM
Bump for this. Simple bot testing I did a few minutes ago shows obitalk.com was at least patched, but we need an official response to your question.

If it was effected and patched, but the private keys were not revoked and reissued, then updating to fix CVE-2014-0160 is almost meaningless as the private keys may already be in the wild (meaning complete security breech in perpetuity till certs revoked and reissued). So Obihai needs to tell us if it was effected and, if so, whether they have completed all the steps necessary to fix.
Title: Re: obitalk.com affected by heartbleed bug ??
Post by: Marc on April 30, 2014, 08:33:24 AM
Any official word on this from Obihai/obitalk?