{"id":218945,"date":"2014-04-10T20:38:02","date_gmt":"2014-04-10T16:38:02","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=218945"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=218945","title":{"rendered":"Heartbleed: \u0447\u0442\u043e \u0433\u043e\u0432\u043e\u0440\u044f\u0442 \u0432\u0435\u043d\u0434\u043e\u0440\u044b<\/span>"},"content":{"rendered":"
\t\u041f\u043e\u043a\u0430 \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044f, \u0432 \u0446\u0435\u043b\u043e\u043c, \u043e\u0442\u0445\u043e\u0434\u0438\u0442 \u043e\u0442 \u0443\u0434\u0430\u0440\u0430, \u043d\u0430\u043d\u0435\u0441\u0435\u043d\u043d\u043e\u0433\u043e \u0435\u0439 Heartbleed, \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u043f\u0440\u0435\u0441\u0441-\u0440\u0435\u043b\u0438\u0437\u044b \u0438 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0437\u044a\u044f\u0441\u043d\u044f\u044e\u0442 \u0441\u0432\u043e\u044e \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u043a \u0441\u0430\u0431\u0436\u0443. \u041d\u0438\u0436\u0435 \u0434\u0430\u043d\u0430 \u0441\u043f\u0440\u0430\u0432\u043a\u0430 \u043f\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u0432\u0435\u043d\u0434\u043e\u0440\u0430\u043c \u0432 \u043a\u0440\u0430\u0442\u043a\u043e\u043c \u0432\u0438\u0434\u0435.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Facebook
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u044f\u0441\u043d\u043e
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0414\u0430. We added protections for Facebook\u2019s implementation of OpenSSL before this issue was publicly disclosed. We haven\u2019t detected any signs of suspicious account activity, but we encourage people to\u2026 set up a unique password.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Tor
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e, \u0447\u0435\u0440\u0435\u0437 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430. If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.
\u0414\u0435\u0442\u0430\u043b\u044c\u043d\u0435\u0435 \u0441\u043c. https:\/\/blog.torproject.org\/blog\/openssl-bug-cve-2014-0160<\/a><\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: LinkedIn
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u0442
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u043d\u0435\u0442. We didn’t use the offending implementation of OpenSSL in www.linkedin.com<\/a> or www.slideshare.net<\/a>. As a result, HeartBleed does not present a risk to these web properties.<\/p>\n

<\/a>\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Tumblr
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u0434\u0430
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0434\u0430. We have no evidence of any breach and, like most networks, our team took immediate action to fix the issue.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Twitter
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u044f\u0441\u043d\u043e
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u043d\u0435\u044f\u0441\u043d\u043e. On 4\/7\/2014 we were made aware of a critical vulnerability in OpenSSL (CVE-2014-0160), the security library that is widely used across the internet and at Twitter. We were able to determine that twitter.com and api.twitter.com servers were not affected by this vulnerability.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Apple
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u044f\u0441\u043d\u043e
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u043d\u0435\u044f\u0441\u043d\u043e.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Amazon
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u0442
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u043d\u0435\u0442. Amazon.com is not affected.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Google
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u0434\u0430
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u041b\u0443\u0447\u0448\u0435 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c. We have assessed the SSL vulnerability and applied patches to key Google services.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Microsoft
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u0442
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u041d\u0435\u0442. Microsoft services were not running OpenSSL, according to LastPass.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Yahoo
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u0434\u0430
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0434\u0430. As soon as we became aware of the issue, we began working to fix it\u2026 and we are working to implement the fix across the rest of our sites right now.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: eBay
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u044f\u0441\u043d\u043e
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u043d\u0435\u044f\u0441\u043d\u043e. The vast majority of our services were not impacted and our users can continue to shop securely on our marketplace.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: GoDaddy
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u0434\u0430
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0434\u0430. We\u2019ve been updating GoDaddy services that use the affected OpenSSL version.
\u0414\u0435\u0442\u0430\u043b\u044c\u043d\u0435\u0435 \u0441\u043c. godaddyblog.com\/open-ssl-heartbleed-weve-patched-servers\/<\/a>.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: PayPal
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u0442
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u043d\u0435\u0442. Your PayPal account details were not exposed in the past and remain secure.
\u0414\u0435\u0442\u0430\u043b\u044c\u043d\u0435\u0435 \u0441\u043c. www.paypal-community.com\/t5\/PayPal-Forward\/OpenSSL-Heartbleed-Bug-PayPal-Account-Holders-are-Secure\/ba-p\/797568<\/a><\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Dropbox
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u0434\u0430
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0434\u0430. We\u2019ve patched all of our user-facing services & will continue to work to make sure your stuff is always safe.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Evernote
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u0442
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u043d\u0435\u0442. Evernote’s service, Evernote apps, and Evernote websites\u2026 all use non-OpenSSL implementations of SSL\/TLS to encrypt network communications.
\u0414\u0435\u0442\u0430\u043b\u044c\u043d\u0435\u0435 \u0441\u043c. discussion.evernote.com\/topic\/56287-heartbleed\/<\/a>.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: SoundCloud
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u0434\u0430
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0434\u0430. We will be signing out everyone from their SoundCloud accounts\u2026 and when you sign back in, the fixes we\u2019ve already put in place will take effect.<\/p>\n

\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a: http:\/\/mashable.com\/2014\/04\/09\/heartbleed-bug-websites-affected\/#:eyJzIjoiZiIsImkiOiJfYzB3YTB6ZDlva3Q1cHhlZCJ9<\/a><\/p>\n

\u0421\u043c. \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043f\u043e Cisco, Fortinet, Novell, OpenVPN, redhat \u0438 \u0434\u0440.
http:\/\/isc.sans.edu\/diary\/Heartbleed+vendor+notifications\/17929<\/a> \t<\/p>\n

<\/div>\n<\/p><\/div>\n

\u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438 http:\/\/habrahabr.ru\/company\/eset\/blog\/218945\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

\t\u041f\u043e\u043a\u0430 \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044f, \u0432 \u0446\u0435\u043b\u043e\u043c, \u043e\u0442\u0445\u043e\u0434\u0438\u0442 \u043e\u0442 \u0443\u0434\u0430\u0440\u0430, \u043d\u0430\u043d\u0435\u0441\u0435\u043d\u043d\u043e\u0433\u043e \u0435\u0439 Heartbleed, \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u043f\u0440\u0435\u0441\u0441-\u0440\u0435\u043b\u0438\u0437\u044b \u0438 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0437\u044a\u044f\u0441\u043d\u044f\u044e\u0442 \u0441\u0432\u043e\u044e \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u043a \u0441\u0430\u0431\u0436\u0443. \u041d\u0438\u0436\u0435 \u0434\u0430\u043d\u0430 \u0441\u043f\u0440\u0430\u0432\u043a\u0430 \u043f\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u0432\u0435\u043d\u0434\u043e\u0440\u0430\u043c \u0432 \u043a\u0440\u0430\u0442\u043a\u043e\u043c \u0432\u0438\u0434\u0435.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Facebook
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u044f\u0441\u043d\u043e
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0414\u0430. We added protections for Facebook\u2019s implementation of OpenSSL before this issue was publicly disclosed. We haven\u2019t detected any signs of suspicious account activity, but we encourage people to\u2026 set up a unique password.<\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: Tor
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e, \u0447\u0435\u0440\u0435\u0437 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430. If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.
\u0414\u0435\u0442\u0430\u043b\u044c\u043d\u0435\u0435 \u0441\u043c. https:\/\/blog.torproject.org\/blog\/openssl-bug-cve-2014-0160<\/a><\/p>\n

\u0421\u0435\u0440\u0432\u0438\u0441<\/b>: LinkedIn
\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e<\/b>: \u043d\u0435\u0442
\u041d\u0443\u0436\u043d\u043e \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c?<\/b>: \u043d\u0435\u0442. We didn’t use the offending implementation of OpenSSL in www.linkedin.com<\/a> or www.slideshare.net<\/a>. As a result, HeartBleed does not present a risk to these web properties.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-218945","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/218945","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=218945"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/218945\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=218945"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=218945"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=218945"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}