68°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

Tuesday, April 8, 2014

← Older → Newer
  • 12:43am
    Asleep
    7:21am
    Awake
    6h 37m
    Slept
    21m
    Awake for
    Home in Portland, Oregon, USA
    Tue, Apr 8, 2014 7:21am -07:00
  • Aaron Parecki
    So wait, a malicious server can also #heartbleed clients too?
    Portland, Oregon, USA
    Tue, Apr 8, 2014 12:59pm -07:00 #heartbleed
  • Aaron Parecki
    Let me rephrase that: If you run an API that sends webhooks, your users can #heartbleed your API servers
    Portland, Oregon, USA
    1 like 4 reposts 1 reply
    Tue, Apr 8, 2014 1:26pm -07:00 #heartbleed
  • Aaron Parecki
    So uh, how can I confirm my Ruby is actually using the recompiled OpenSSL (Ubuntu 12.04) #heartbleed
    Portland, Oregon, USA
    1 reply
    Tue, Apr 8, 2014 2:59pm -07:00 #heartbleed
  • Erik Berlin https://twitter.com/sferik   •   Apr 8
    To check the version of OpenSSL Ruby was built with:
    ruby -r openssl -e 'puts OpenSSL::OPENSSL_VERSION'
    Anything below 1.0.1g is vulnerable.
    Aaron Parecki
    @JamesChevalier @sferik Thanks but on Ubuntu `openssl version` always says "OpenSSL 1.0.1 14 Mar 2012" even for the correctly patched version. #heartbleed http://askubuntu.com/questions/444702/how-to-patch-cve-2014-0160-in-openssl
    Portland, Oregon, USA
    2 replies
    Tue, Apr 8, 2014 3:06pm -07:00 #heartbleed
  • How to test and confirm OpenSSL is updated for Nginx and Ruby on Ubuntu 12.04

    A quick guide to updating OpenSSL on Ubuntu 12.04 running Nginx and Ruby and verifying that your system is safe from the Heartbleed bug.
    continue reading...
    7 likes 6 reposts 11 replies 2 mentions
    Tue, Apr 8, 2014 3:16pm -07:00 #heartbleed #ops #ubuntu #linux #openssl #ssl
  • https://twitter.com/veganstraightedge/status/453680134159994880
    Aaron Parecki
    @veganstraightedge Actually looks like Instagram is 500'ing for me...
    Portland, Oregon, USA
    Tue, Apr 8, 2014 4:50pm -07:00 #flickstagram
  • Erik Berlin https://twitter.com/sferik   •   Apr 8
    @aaronpk @JamesChevalier Wow. That’s horrible.
    Aaron Parecki
    @sferik Yep. I managed to track it down tho: http://aaronparecki.com/articles/2014/04/08/1/ #heartbleed
    Portland, Oregon, USA
    Tue, Apr 8, 2014 4:57pm -07:00 #heartbleed
  • @matt@biddul.ph https://twitter.com/mattb   •   Apr 9
    @aaronpk you can also do this to get the specific openssl version: strings /lib/x86_64-linux-gnu/libssl.so.1.0.0 | grep "^OpenSSL "
    Aaron Parecki
    @mattb Unfortunately that *also* just returns "OpenSSL 1.0.1 14 Mar 2012". Thanks Ubuntu.
    Portland, Oregon, USA
    Tue, Apr 8, 2014 5:09pm -07:00
  • @matt@biddul.ph https://twitter.com/mattb   •   Apr 9
    @aaronpk on my box I got "OpenSSL 1.0.1e 11 Feb 2013". perhaps you really do have exactly version 1.0.1?
    Aaron Parecki
    @mattb Are you running Ubuntu 12.04?
    Portland, Oregon, USA
    Tue, Apr 8, 2014 5:10pm -07:00
  • @matt@biddul.ph https://twitter.com/mattb   •   Apr 9
    @aaronpk I already upgraded that box to 13.10 in order to upgrade to the fixed version listed in http://www.ubuntu.com/usn/usn-2165-1/
    Aaron Parecki
    @mattb Yeah it seems to be unique to 12.04 LTS. I need to use the LTS version, not willing to upgrade to 13 tho.
    Portland, Oregon, USA
    Tue, Apr 8, 2014 5:13pm -07:00
← Older → Newer

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv