Earlier this month a serious vulnerability dubbed “Heartbleed” was discovered in the popular open-source security library OpenSSL which compromised a large percentage of websites great and small across the internet.
The implications were frightening; many servers running the affected library could be coerced in to revealing passwords and other sensitive data with relative ease. The technical details are documented in various places but XKCD provides a simplified explanation of how the exploit works.
Heartbleed has now been fixed and since VOZ is currently in development on a test server it has not been affected by the bug. As we approach a public beta over the next few months VOZ will be migrating to a new private and secure live server which has already been patched with the OpenSSL fix.
Over the migration period we will be highlighting some further privacy and security features on this blog.