8 Apr
2014
8 Apr
'14
8:14 a.m.
On Tue, Apr 8, 2014 at 4:35 AM, Randy Bush <randy@psg.com> wrote:
I'm really surprised no one has mentioned this here yet...
we're all to damned busy updating and generating keys
you might like (thanks smb, or was it sra)
openssl s_client -connect google\.com:443 -tlsextdebug 2>&1| grep 'server extension "heartbeat" (id=15)' || echo safe
That just tells you whether the heartbeat extension is supported. Google servers are not vulnerable to this attack. - Max