Hi all,
Just thought I'd pass this along.
It's tax season. And millions of people use turbotax.com. According to
SSL Labs and Lastpass, the site is not and was not vulnerable to the
Heartbleed attack.
HOWEVER ...
The site receives a GRADE of F on the SSL Labs test!
It says ...
This server is vulnerable to MITM attacks because it supports insecure
renegotiation
<https://community.qualys.com/blogs/securitylabs/2009/11/05/ssl-and-tls-authentication-gap-vulnerability-discovered>.
Grade set to F.
I find that disgusting and worrisome. Hopefully, there aren't too many
men in the middle. I'm assuming the NSA is sitting there anyway.
Sincerely,
Ron
--
(PS - If you email me and don't get a quick response, you might want to
call on the phone. I get about 300 emails per day from alternate energy
mailing lists and such. I don't always see new email messages very quickly.)
Ron Frazier
770-205-9422 (O) Leave a message.
linuxdude AT techstarship.com
_______________________________________________
tech-chat mailing list
[email protected]
http://lists.linuxmoose.com/mailman/listinfo/tech-chat
