Blog

OpenSSL usage on OSS-hosted and managed sites and Heartbeat vulnerability question.

Apr 10th, 2014 by Roman Blanyar

Heartbeat vulnerability is an exploit within OpenSSL, an open-source implementation of the SSL and TLS protocols.

Off-Site Services, Inc. (OSS) does not use OpenSSL certificates on any of the sites it hosts and manages.  OSS uses OpenSSL to generate CSR public key containing non-sensitive information about the site, and a private key, which is not distributed to anyone outside OSS.  This information is then used to generate and purchase an SSL certificate from one of the major SSL providers, such as Thawte, Verisigin, or Geotrust.  

As of 4/9/14, all required patches and updates were applied to OpenSSL on all servers managed and hosted by OSS.  However, on 4/10/14, Symantec issued an update to their advisory, suggesting that all existing certificates are replaced and re-keyed (http://www.symantec.com/connect/blogs/heartbleed-openssl-take-action-now).

In light of this new advisory, we suggest all of our customers currently hosting their sites with OSS or having OSS manage their site replace their SSL certificates.  Please contact your OSS representative if you require a new CSR key.

Categories:

wordpressSEOweb designWeb DevelopmentHTML5productionresponsive designDrupaldesignCSSPhotoshopsecurityADAgooglebeta testingautomationharness-btoolsGoogle AnalyticsTestingmarketingFlashproduction tipstypographyAdobe Museweb imagesite speedintegrationswebsite buildingtechnologiesJavaScriptfirefoxbrowsercomplianceserver securityquality controlfontsthemesMicrosoftmodulesApplemobile websiteapp developmentplug-inAPIweb standardsweb preflightiOSInDesignE-commerceOpenSSLSSLIE8JSONQAmobile devicestabletsAdobe AirRIAsInteraction MetricsAdvertisingLong TailExporting from InDesign to PhotoshopInDesign to Photoshop conversionresponsive buildWordpress pluginshorizontal layoutBacklinksAdobegTLDscustom domain suffixesdevelopmentwireframeaugmented realityweb awardprogramming awardPhotoshop Layer compsdesign best practicesmobile app challengeapp lifespannon-Flash animationHTML5 animationAdobe EdgeiPad screen templateICANNweb development awardvertical layoutvideo playbackfaildudrevolutionary softwareInDesign to HTMLcommunicationclienthtmlimage sizesoftwareimage compressionweb compatibilitybreakpointresponsive statePDFAdobe Edge ReflowconvertingEdge ReflowParfaitweb design softwareogvcloudawardhostseleniumFoundationBootstrapCKEditor3rd partyAppleScriptecommercetechnologycollaborateupdatevulnerabilityCMSwebsiteiPhoneCSS3Ps. and CSS HatProject Parfaithigh fidelityconceptcodecwebmformatweb developerssidney garberVideos and animations3D views of modelsDetroit Diesel CorporationMercedes-BenziTunescustom fontsHTML4web-fontsRGBweb colorsrelationship marketingOSSW3Cfragmented technology landscapeAndroidvideo sizegammamp4microsoft’s project natalUDIDvideoCVE-2014-0224integrationLinkedInFacebookWindows XPInternet Explorer 8interactive banner adsbrochurewaresony playstationinstant video playback solutionHeartbeatonline subscriptionWebOSabletCMS for Flashoptimizednintendo wiioutsourcing
Max's interview for Sonntags Zeitung

Jan 25th, 2012 by Max Tokman

http://info.sonntagszeitung.ch/archiv/detail/?newsid=201959   The just of Max's responses was that HTML5 is gaining ground due to the explosive growth in the market share of tablets and other mobile devices, which do not use Flash, and HTML5 with its features is well suited to replace Flash. This forces make

Harness-B for Basecamp Classic now allows others to see your workload!

Jan 13th, 2016 by Max Tokman

If you get swamped with tasks, let your slacker colleagues see your workload and take up some of the burden.  Whether they’ll do it is another matter entirely. Tip of the hat to Bryan Kuester for suggesting this feature.