The A List Apart Blog Presents:

The Heartbleed Bug (or: You Should Consider SSL Unsafe for a While)

by Tim MurtaughApril 08, 2014August 12, 2019

Published in Uncategorized

Article Continues Below

If you run a server that uses SSL and the OpenSSL library, you need to update it. If you regularly visit a site that uses SSL (and I can’t imagine you don’t), you should try to limit your visits today. Once the dust has settled, we should all change our passwords. Pretty much everywhere.

In short, yesterday the OpenSSL Project released an update that addresses a vulnerability in the OpenSSL library. Officially named CVE-2014-0160, the Heartbleed bug has been around—and un-identified—for a long time. It’s not known if the vulnerability has been exploited, but it’s theoretically possible that someone has been snooping on transmissions we thought were secure. It’s very likely that bad guys are snooping on un-patched servers now, so be careful which services you log in to today.

Visit Heartbleed.com for a lot more information, and anyone running a server should consider these words from Cody Sorland:

Ubuntu servers running nginx/SSL? sudo apt-get update && sudo apt-get dist-upgrade sudo restart nginx Do it now. #heartbleed

— Cody Soyland (@codysoyland) April 8, 2014

Be careful out there.

1 Reader Comments

Keith Davis says:

April 8, 2014 at 3:50 pm

Just contacted my hosting provider and gave him a link to this article.

Thanks for posting.

Got something to say?

We have turned off comments, but you can see what folks had to say before we did so.

More from ALA

Design for Amiability: Lessons from Vienna

by Mark Bernstein

Computing was born in a Viennese café. Between 1928 and 1934, while Hitler plotted and Europe crumbled, a motley crew of mathematicians, philosophers, architects, and economists gathered weekly to puzzle out the limits of reason—and invented Computer Science in the process. What made their collaboration possible wasn't just brilliance (though they had plenty). It was amiability: the careful design of a social space where difficult people could disagree without destroying each other. Longtime A List Apart contributing author Mark Bernstein mines this forgotten history for lessons that might just save today's embattled web from its worst impulses. Spoiler: it involves better coffee service and the looming threat of public humiliation.

Design Dialects: Breaking the Rules, Not the System

by Michel Ferreira

Design systems aren't component libraries—they’re living languages. Rigid adherence to visual rules creates brittle systems that break under contextual pressure. Fluent systems bend without breaking.

An Holistic Framework for Shared Design Leadership

by Michel Ferreira

Having both a Design Manager and a Lead Designer on the same team is beautiful, but can be messy. To make it work without creating confusion, overlap, or “too many cooks,” check Michel Ferreira’s Holistic Framework for Shared Design Leadership.

From Beta to Bedrock: Build Products that Stick.

by Liam Nugent

Building towards bedrock means sacrificing some short-term growth potential in favour of long-term stability. But the payoff is worth it: products built with a focus on bedrock will outlast and outperform their competitors, and deliver sustained value to users over time. Liam Nugent shows us how.

User Research Is Storytelling

by Gerry Duffy

At a time when budgets for user experience research seem to have reached an all-time low, how do we get stakeholders and executives alike invested in this crucial discipline? Gerry Duffy walks us through how the research we conduct is much like telling a compelling story, complete with a three-act narrative structure, character development, and conflict resolution—with a happy ending for researchers and stakeholders alike.

Like this:

1 Reader Comments

Got something to say?

More from ALA

Discover more from A List Apart