Categories: Uncategorized

How we protected you from Heartbleed

Categories: Uncategorized

How we protected you from Heartbleed

Apr 10, 2014

As you may have read, an extremely serious bug nicknamed Heartbleed was found in how data is encrypted in transit on the Internet this week.  The Heartbleed Bug affects the OpenSSL framework which is used by many websites to privately send data to and from an Internet server. Some estimate that as much as 66% of Internet traffic is potentially vulnerable to this bug.

We want you to know that we’ve made Thismoment’s platform completely safe from Heartbleed, and this is how we’ve kept your data safe and sound:

  • As soon as we were made aware of Heartbleed, we started researching the details of the bug, what parts of our platform were affected and how we needed to patch our servers.

  • We deployed the updated OpenSSL libraries to our entire fleet of servers.

  • We have updated our Amazon image used for starting up new servers to include the patch.

  • We are in the process of renewing all of our SSL certificates along with any custom domain certificates on your behalf.  This will be done by the end of this week.

  • We logged out all users to ensure that everyone would create new, secure connections.

  • To be as safe as possible we also suggest you change your password.  You can do so by logging into your DEC, clicking on the gear icon next to your name and selecting Reset Password.  Alternatively you can reset your password from the login page.

Want to know more about the Heartbleed Bug?

A personal account of what happened in more technical detail was written by Duncan Davidson from Wunderlist.

Scott bedard
Contributor Bio:
Comments
No comments found.
Leave A Comment