Security update: the “Heartbleed Bug”

You have likely read about the so-called “Heartbleed Bug” which has affected over 60% of servers on the Internet. We felt it would be appropriate to update you on that status of our system and the actions we have taken to ensure that your account and data is safe and secure.

 

What is the Heartbleed Bug?

The Heartbleed Bug is a vulnerability in a very popular cryptographic software library called OpenSSL. OpenSSL is used by many servers to manage connections that have been secured with SSL. If you use webmail or have ever shopped online, you have used SSL. For very detailed information about this bug, visit the Heartbleed Bug Web site.

 

Was Edison Nation vulnerable?

Edison Nation was using a version of OpenSSL that was vulnerable to the bug. However, our system is designed in a way that would have made an attack through the bug very unlikely. We have found no signs of intrusions and we have tested our site prior to fixing the bug and were unable to utilize the bug to compromise our system.

 

What steps has Edison Nation taken to address this problem?

We have updated OpenSSL to a safe version that is not vulnerable to the Heartbleed bug.

We have regenerated and installed all new security certificates, rendering the old ones, which could have theoretically been compromised, inoperable.

We have logged out all users remotely to remove any security keys that could have been theoretically compromised.

 

What steps should you take as a user of Edison Nation?

Technically, you don’t need to do anything. However, it is a good idea to regularly change your password on any system that requires one and now would be a great time to do so. You can do that by logging in with your current email address and password and then visiting this page: My account.?Once there, click “Edit account details” and change your password.

If you have any questions or concerns, please reach out to us via our Support Site.

8 Comments Security update: the “Heartbleed Bug”

  1. Kathleen

    I think the Beartbleed Bug is what’s causing my log in problem on EN. This only happens when I try to sing onto my EN account with Google Chrome. I am able to get signed on through Foxfire with no problem. Here is a screen shot of what I get every time I try logging on through Google Chrome:

    Any advice on how to clear this up would be appreciated. Until then, I’ll just use FireFox and be on the safe side.

    Kathleen C

  2. mfg

    I think I may have the same problem Kathleen has. It started a little over a week ago so I look forward to any updates you share on a resolution. thanks

Comments are closed.