BLURGH! The ThinkGeek Blog... Grok It!

About the Blurgh

ThinkGeek spews random stuff! Got questions, comments or suggestions?

Drop us a line at blog@thinkgeek.com

More ThinkGeek
Apr
17
2014

Recent SSL vulnerability news, aka "Heartbleed"

Heartbleed

Srs Timmy is srs for a minute:

As you may have seen in the news this last week, a previously unknown vulnerability dubbed "heartbleed" has been identified within the SSL architecture that affects many internet sites you visit over HTTPS.

The good news is that ThinkGeek.com is not one of the vulnerable sites. The vulnerability lies in a commonly used library called OpenSSL, which is used by many sites for both creating their certificates and managing their SSL connections. While we do use OpenSSL in a limited capacity, our actual site certificates are not handled by OpenSSL, and were not generated using OpenSSL. We will be conducting some patching in the coming weeks just to be safe, but you don't have to worry about this vulnerability affecting your experience on ThinkGeek.com. Huzzah!

[ post a comment ]

Comments

meaningless icon! That being said, if you use the same password on TG that you do elsewhere (which you shouldn't really do, but everyone does anyway) you still might want to change it, in case the other sites were compromised.
Adam Cthulhu said this 95 days ago.
meaningless icon! Damn! I thought this was a t-shirt
Encogneeto said this 95 days ago.

Post a Comment

Please log in to post.