Author: Joe
Date:
To: hackmeeting
Subject: Re: [Hackmeeting] GAME OVER
On 10/04/14 16:58, brno wrote:
> On 10/04/2014 10:21, Fabio Pietrosanti (naif) wrote:
>> Il 4/10/14, 10:14 AM, Gabriele Jon Ficarelli ha scritto:
>>> 2014-04-10 10:09 GMT+02:00 Fabio Pietrosanti (naif)
>>> <lists@???>:
>>>
>>>> * Nessun exploit ha ancora tirato fuori una private key
>>>>
>>> http://seclists.org/fulldisclosure/2014/Apr/112
>> Esatto, ho riportato questa discussione su mlist tor-talk:
>> https://lists.torproject.org/pipermail/tor-talk/2014-April/032640.html
>>
>> Quindi solo se usi FreeBSD hai la private key disclosed ma se usi Linux
>> sei OK?
>>
>
> io non darei giudizi affrettati, poi bisogna ritrattarli come questo
> http://blog.erratasec.com/2014/04/why-heartbleed-doesnt-leak-private-key.html?m=1
>
>
> in reazione a questo:
> https://twitter.com/julianor/status/454015858042757120
>
E infatti...
https://twitter.com/indutny/status/454773820822679552
no no, non rigenerate le chiavi mi raccomando...
Joe