OpenSSL Project details vulnerability alert policy

The group behind the OpenSSL cryptographic library that enables Web site encryption says it doesn't give advance notice of vulnerabilities to any organization, no matter how much they charge. "We strongly believe that the

Published on: September 9th, 2014 Howard Solomon

Heartbleed exposed cache problem: Researchers

Most IT security pros think of the Heartbleed bug as a software vulnerability in some versions of the OpenSSL software library. Certainly that's what they thought last April when the first word of

Published on: August 17th, 2014 Howard Solomon

OpenSSL and other open projects to get money for security audits

One of the problems with some open source software is there sometimes aren't enough volunteer developers to comb through code to ensure there are no holes. That appears to have been the problem that

Published on: May 29th, 2014 Howard Solomon

Many Canadian firms still vulnerable to Heartbleed: Consultant

More than 40,000 computer systems, including some run by large enterprises, were still vulnerable to the Heartbleed bug more than a month after the world was alerted to the problem and probably still

Published on: May 21st, 2014 Howard Solomon

Now: Google Play Music. Later: Android Silver (maybe)

On Monday, Google Canada launched the Google Play Music service in Canada. Previously available south of the border, Google finally added one more piece to the whole Android multimedia experience for those of

Published on: May 6th, 2014 Sean Carruthers

New flaw ‘found’ in patched OpenSSL likely a fake, experts say

It’s getting so you just can’t trust hackers any more. According to Computerworld U.S., security experts doubt the validity of a hacker claim that there’s a new vulnerability in the patched, post-Heartbleed version of

Published on: April 28th, 2014 Andrew Brooks

Finally, some real money for OpenSSL?

Sometimes it takes a crisis to get people to pay attention. The Heartbleed bug definitely counts as a crisis, and the people responsible for OpenSSL now have reason to hope they'll be taken

Published on: April 24th, 2014 Andrew Brooks

What we learned from Heartbleed

I put this out not to show what I know, but to start a discussion if possible.  What did you learn from Heartbleed? Never waste a good crisis.  I forget who said that,

Published on: April 22nd, 2014 Jim Love

Heartbleed update: Things are better

The world continues to recover from the revelation of the Heartbleed vulnerability in many versions of OpenSSL, with Web sites, vendors and organizations scouring their systems for the problem. According to ComputerWorld U.S., by

Published on: April 21st, 2014 Howard Solomon