Wednesday, April 9, 2014

FYI: Jungle Disk Open SSL Security Notification

OPEN SSL SECURITY - an authorized person could read your data upload and download text and info un-encrypted.

Cloud Storage Companies are hoping they aren't affected. 

Subject: Jungle Disk Open SSL Security Notification

Jungle Disk

OpenSSL Notice

We wanted to provide you with an update on the recently published vulnerability for OpenSSL. Please see for full details regarding the vulnerability. We were made aware of this vulnerability on the morning of April 8th 2014 and immediately scanned our infrastructure to assess Jungle Disk risk.
Our analysis showed that we did not have the vulnerable (D)TLS heartbeat extension enabled; therefore, our exposure was limited. Later that afternoon, as a best practice security measure, we patched a portion of our infrastructure running the version of openssl and will be rebooting our services in specific datacenters this evening at 9PM (CDT) to mitigate the issue. During the maintenance this evening you may experience slight delays and connectivity interruptions.
Thank you for your patience and loyalty,
Your Jungle Disk® Team


© 2014 Rackspace

No comments: