{"id":2237,"date":"2014-04-08T18:32:09","date_gmt":"2014-04-08T18:32:09","guid":{"rendered":"http:\/\/astraea.net\/blog\/?p=2237"},"modified":"2014-04-10T09:33:08","modified_gmt":"2014-04-10T09:33:08","slug":"you-might-want-to-stay-off-the-internet-for-a-while","status":"publish","type":"post","link":"https:\/\/www.astraea.net\/blog\/you-might-want-to-stay-off-the-internet-for-a-while\/","title":{"rendered":"&#8220;You might want to stay off the internet for a while&#8221;"},"content":{"rendered":"<p>Mmmmmmmm.<\/p>\n<p>That doesn&#8217;t sound good.\u00a0 Especially since its from a credible source whose enterprise is entirely concerned with privacy and anonymity on the internet.\u00a0 From the Tor website:<\/p>\n<p style=\"padding-left: 30px;\"><strong>OpenSSL bug CVE-2014-0160\u00a0 Posted April 7th, 2014<\/strong><\/p>\n<p style=\"padding-left: 30px;\">A new OpenSSL vulnerability on 1.0.1 through 1.0.1f is out today, which <a href=\"https:\/\/www.openssl.org\/news\/vulnerabilities.html#2014-0160\" rel=\"nofollow\">can be used to reveal memory to a connected client or server<\/a>.<\/p>\n<p style=\"padding-left: 30px;\">If you&#8217;re using an older OpenSSL version, you&#8217;re safe.<\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/blog.torproject.org\/blog\/openssl-bug-cve-2014-0160\">Read on&#8230;<\/a><\/p>\n<p>\u00a0The BBC put out the word:<\/p>\n<p id=\"story_continues_1\" style=\"padding-left: 30px;\">A bug in software used by millions of web servers could have exposed anyone visiting sites they hosted to spying and eavesdropping, say researchers.<\/p>\n<p style=\"padding-left: 30px;\">The bug is in a software library used in servers, operating systems and email and instant messaging systems.<\/p>\n<p style=\"padding-left: 30px;\">Called OpenSSL the software is supposed to protect sensitive data as it travels back and forth.<\/p>\n<p style=\"padding-left: 30px;\">It is not clear how widespread exploitation of the bug has been because attacks leave no trace.<\/p>\n<p style=\"padding-left: 30px;\"><a href=\"http:\/\/www.bbc.com\/news\/technology-26935905\">Read more &#8230;<\/a><\/p>\n<p>Because we&#8217;ve an addict in the house (he keeps it under control), I happened to notice the report that Minecraft went offline while servers were patched.<\/p>\n<p>Update; BBC: <a href=\"http:\/\/www.bbc.com\/news\/technology-26954540\">Heartbleed Bug: Tech firms urge password reset<\/a><\/p>\n<p>BloombergBusinessWeek: <a href=\"http:\/\/www.businessweek.com\/articles\/2014-04-09\/why-heartbleed-the-latest-cybersecurity-scare-matters?campaign_id=DN040914\">Why Heartbleed, the Latest Cybersecurity Scare, Matters<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mmmmmmmm. That doesn&#8217;t sound good.\u00a0 Especially since its from a credible source whose enterprise is entirely concerned with privacy and anonymity on the internet.\u00a0 From the Tor website: OpenSSL bug CVE-2014-0160\u00a0 Posted April 7th, 2014 A new OpenSSL vulnerability on 1.0.1 through 1.0.1f is out today, which can be used to reveal memory to a &hellip;<br \/><a href=\"https:\/\/www.astraea.net\/blog\/you-might-want-to-stay-off-the-internet-for-a-while\/\" class=\"more-link pen_button pen_element_default pen_icon_arrow_double\">Continue reading <span class=\"screen-reader-text\">&#8220;You might want to stay off the internet for a while&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[26,14],"tags":[],"class_list":["post-2237","post","type-post","status-publish","format-standard","hentry","category-ict","category-risk-and-terror"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4hwcd-A5","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/posts\/2237","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/comments?post=2237"}],"version-history":[{"count":4,"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/posts\/2237\/revisions"}],"predecessor-version":[{"id":2256,"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/posts\/2237\/revisions\/2256"}],"wp:attachment":[{"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/media?parent=2237"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/categories?post=2237"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.astraea.net\/blog\/wp-json\/wp\/v2\/tags?post=2237"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}