By now, everyone knows about the Heartbleed vulnerability in the HTTPS and all the problems it has caused.
According to Akamai, it’s not over. The company has a hand in about 30% of all internet traffic and helped build the patch for OpenSSL. Chief security officer Andy Ellis says the problem is only half-fixed:
In short: we had a bug. An RSA key has 6 critical values; our code would only attempt to protect 3 parts of the secret key, but does not protect 3 others.
Looks like we’ll be changing our passwords again. CNet has more.
