Heartbleed - a catastrophe

According to Bruce Schneier, the “Heartbleed” OpenSSL bug is a catastrophic one.

Attackers can access all of a server’s memory, including user names, passwords, private keys - anything at all.

It’s probably safer not to use Internet banking and other services that rely on SSL to secure HTTP sessions for the time being, until your financial institution’s encryption libraries have been confirmed to be patched.

Fortunately, none of our products use OpenSSL, and so CompleteFTP, edtFTPj/PRO and edtFTPnet/PRO are not affected by “Heartbleed”.

Posted by John Faulds in