Most of Alexa Top 10000 No Longer Vulnerable to Heartbleed

I scanned the top 10000 websites (according to Alexa) and these are the ones that came up vulnerable. I have rescanned the vulnerable ones periodically and will continue to do so over the next few days. It’s possible that anything unpatched by now won’t be patched any time soon. This list is of servers that are currently vulnerable. It does not tell you whether keys or passwords were compromised in the past.

Just to be clear, I scanned port 443 (not 993), which is to say I was looking at HTTPS connections rather than IMAPS.

A bunch of sites didn’t respond to the test. Presumably this is because they don’t support HTTPS. But it might be because they’ve taken secure services off line while they fix the bug. Such sites wouldn’t be listed as vulnerable here, but it also wouldn’t be quite right to say they are safe.

Thanks to FiloSottile for the scanning tool.

I Got Myself Hacked

My media box that runs XBMC has been breached. It’s a recent Debian testing install. I didn’t bother securing this box since it has no access to anything, but more importantly, I also made a couple of incredibly simple mistakes while setting it up.

First of all, I allowed root login via SSH using password authentication. This meant that anybody who knows the password and can reach the box can log in. This was supposed to be just while setting up the box, but I forgot to turn it off after I was done doing setup.

Second, I used a simple password. This was supposed to be disabled after I set up authentication via SSH keys, but I got distracted and didn’t complete the process.

Third, I connected the box to a public-facing VPN and downloaded some torrents. Doing this gave the world direct access to the box, unmediated by my network’s normal firewall and NAT infrastructure.

And I think those mistakes were enough. My guess (it’s not clear from the logs) is that somebody, or most likely some bot, probed the box, guessed the root password (I’m embarrassed about that most of all), installed a custom version of atd as well as some daemons I’ve never heard of (ksapd, kysapd, sksapd, and skysapd). It put these binaries in /etc, which is odd and was an early red flag in telling me this stuff wasn’t Debian-approved. The malware also overwrote root’s crontab and fiddled with /etc/rc.local. None of these changes showed up via rkhunter or debsums.

The attacker made some mistakes that made the malware fairly easy to find and disable, which was as simple as killing some processes, removing the root crontab (/var/spool/crontab/root) and looking at /etc/rc.local. Still, of course I don’t know if there are things I missed, so I’ll be reinstalling this box from scratch.

A cursory check of the other important boxes on my LAN shows no evidence that they have been probed or entered. I need to do a more thorough check asap, especially of the Macintosh laptop which for all I know is running software that hasn’t gotten a security update in a while.

A few weeks ago, somebody else seems to have encountered similar (or at least similarly-named) malware. Their conclusion is similar to mine:

It looks like a weak password. I lectured some 8 to 11 y/o kids on passwords, then created a user called word with password called word. 2 days later I saw things by accident, luckily they only were in for a short while.

I made a series of bad, easily-avoided mistakes with this install. Mostly, the mistakes were mental errors. I was thinking of this box as insecure and not worth attacking. I took a lot of shortcuts and then failed to clean them up. I was cavalier with connections and letting the box talk to the seedier corners of the Internet.

All of this is highly embarrassing. I’m supposed to be a person that knows the basics of locking the doors. I’m publishing this report precisely because embarrassment usually prevents people from talking about their security failures. So here it is. Feel free to mock me.

Next steps for me are to snapshot the install and to start looking at the binaries left on the system. If there’s anything more to report, I’ll do another post and perhaps update this one.
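
As an added example (not code from the post), a small POSIX shell audit for the two sshd mistakes and the two persistence spots described above; the sshd_config and rc.local contents are constructed samples, and /etc/ksapd stands in for the dropped binary:

```shell
#!/bin/sh
# Added post-incident audit (not from the post). It checks for the two SSH
# mistakes described above and for commands launched from a file sitting
# directly under /etc via rc.local or root's crontab. All inputs below are
# constructed samples so the script runs offline; see the comment at the end
# for running it against a live box.

# Constructed sshd_config fragments: the weak setup from the post, and a
# hardened one (key-only logins, no password login for root).
WEAK_SSHD='PermitRootLogin yes
PasswordAuthentication yes
Port 22'

HARDENED_SSHD='PermitRootLogin prohibit-password
PasswordAuthentication no
PubkeyAuthentication yes'

# first_value CONFIG_TEXT KEYWORD: value of the first occurrence of KEYWORD.
# sshd honours the first occurrence of a directive, so later ones are ignored.
first_value() {
    printf '%s\n' "$1" | grep -Ei "^[[:space:]]*$2[[:space:]]" | head -n 1 \
        | awk '{print tolower($2)}'
}

# audit_sshd CONFIG_TEXT: prints one line per weak directive.
# Returns 0 when nothing weak was found, 1 otherwise.
audit_sshd() {
    weak=0
    root_login=$(first_value "$1" PermitRootLogin)
    pw_auth=$(first_value "$1" PasswordAuthentication)
    if [ "$root_login" = "yes" ]; then
        echo "WEAK: PermitRootLogin yes (root can log in with a password)"
        weak=1
    elif [ -z "$root_login" ]; then
        echo "WEAK: PermitRootLogin not set (default varies by OpenSSH version; set it explicitly)"
        weak=1
    fi
    # PasswordAuthentication defaults to yes when unset.
    if [ -z "$pw_auth" ] || [ "$pw_auth" = "yes" ]; then
        echo "WEAK: PasswordAuthentication on (turn it off once key logins work)"
        weak=1
    fi
    return "$weak"
}

# Constructed rc.local samples. /etc/ksapd is a placeholder standing in for
# the malware's binary, which the post says was dropped directly under /etc.
SUSPECT_RC_LOCAL='#!/bin/sh -e
/etc/ksapd >/dev/null 2>&1
exit 0'

CLEAN_RC_LOCAL='#!/bin/sh -e
exit 0'

# scan_persistence TEXT: flags lines that run a file sitting directly in /etc
# (not in a subdirectory such as /etc/init.d). Returns 1 if any were found.
scan_persistence() {
    hits=$(printf '%s\n' "$1" \
        | grep -E '(^|[[:space:]])/etc/[^/[:space:]]+([[:space:]]|$)' || true)
    if [ -n "$hits" ]; then
        printf 'SUSPECT: executable referenced directly under /etc:\n%s\n' "$hits"
        return 1
    fi
    return 0
}

# Stand-alone demo on the constructed samples.
audit_sshd "$WEAK_SSHD" || echo "-> weak sshd_config"
audit_sshd "$HARDENED_SSHD" && echo "-> hardened sshd_config is clean"
scan_persistence "$SUSPECT_RC_LOCAL" || echo "-> suspect rc.local"
scan_persistence "$CLEAN_RC_LOCAL" && echo "-> clean rc.local"

# On a live box (needs root):
#   audit_sshd "$(cat /etc/ssh/sshd_config)"
#   scan_persistence "$(crontab -u root -l 2>/dev/null; cat /etc/rc.local)"
```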

A Conversation with Bruce Schneier

Following on Eben Moglen’s mind-warping series of talks about life after Snowden, the Software Freedom Law Center has invited Bruce Schneier to join Eben for a conversation informed by Bruce’s own analysis of the leaked documents. Bruce is one of the smartest thinkers around when it comes to understanding how security and surveillance operate in the real world. And he is unsurpassed at presenting complicated security concepts even to people who lack his expertise. Between Moglen’s sophisticated thoughts and Bruce’s grounded approach, we’re sure to learn a lot about where we stand and what we can do next!

Installing Enigmail

If you’re trying to install enigmail and icedove on Debian, you might find that the enigmail and icedove package versions conflict. Never fear, just install enigmail all by itself. It will remove icedove if present but then install iceape, which contains iceape mail.

PRISM Is Not The Problem

Recent news and excellent reporting have shown the public what many of us have long known: governments are collecting all our communication and compelling companies to help.

In the immediate aftermath of the initial NSA revelations (and there are more to come), some people are pushing for judicial or legislative restraints on further privacy violations. This is a noble effort, and I hope those people succeed. But let’s be real for a moment: those efforts are mostly symbolic.

Does anybody believe our government is going to stop spying on us just because it’s against the law? We already know PRISM is unconstitutional. If that isn’t enough to stop the Obama administration from spying on Americans, tinkering with the margins of the Patriot Act isn’t going to make a difference.

The problem isn’t the law. Fortunately, neither is the solution. Once we centralized all our communications and metadata on just a handful of servers, we made inevitable the use of that massive data trove by people who don’t share our interests or values. Today we know this includes the NSA, but it also includes the marketers, the insurance profilers, and your ex-future employers. It is impossible to centralize massive amounts of information and then dictate what that information is used for. Once you collect it, people are going to use it. And share it. And you have no control over what happens next.

The solution is to stop giving all your data to the same handful of services. Migrate off cloud services for things like email. Use old tech like IRC and email, which are too decentralized to spy on at mass scale. Build your own servers if you’re able. And when you do use cloud services, demand those services let you access them with your own clients that can encrypt your communication.

If we keep making giant piles of data, governments and corporations will continue to paw through our personal lives at will and for their own purposes. The conversations we have on Facebook and Google feel private, but they occur in public spaces. If we want privacy, we need to take those conversations to truly private infrastructure or encrypt them so the snoops have nothing to listen to.

Muji Pens!

I haven’t been a pen guy since I wasted too many hours spinning and flipping them in high school. Who really writes by hand anymore? But then I started pocketing these graph-ruled moleskine reporter notebooks and thus began the hunt for a pen that could perfect the notebook experience. A few months ago, I finally settled on Muji gel ink hex pens with 0.3mm tips.

I tried a lot of different pens while feeling out what my requirements for a little notebook pocket pen were. This one meets almost all of them. For example, it skates across the page like a greased puck on ice. Some pens accomplish this by flooding the page with ink, but I write small, especially in a tiny moleskine. I require a sharp, precise line. The Muji keeps a narrow, wet, gliding tip that dries fast and doesn’t bleed along the paper’s fibers.

Also, I lose pens faster than a politician can break your heart, so I can’t abide gold-plated pocket clips and heirloom rosewood barrels. These pens clock in at $3.75 apiece. When I lose them I mourn the lost pen, not the cash.

Because the pen is going to sit in my pocket, I want something light and not too thick. The Muji is like a pencil in weight and shape. It’s longer than I want in a pocket pen, but it works well enough. I might cut one down to see how short I can make it.

The downside to this pen is the cap. It sits snug on the barrel, and I’ve not lost one yet, but it nags at me when I stow it in my pocket. And the flimsy plastic in the pocket clip feels like it might break, so I don’t use it. I’m going to pick up the refillable click point version of these pens, although I think they’re a little ugly.

For a $3.75 pen I’m going to lose, I don’t fret durability, but one thing bears note: I dropped one and it fell perfectly straight down on the point. It never wrote smoothly after that, so I replaced it. I can’t tell yet whether this is an issue.

If you want to get fancy, the pen comes in a rainbow of colors. I’ve tried black, blue, red and purple. All show up vividly and contrast and coordinate nicely with each other. For a few bucks more, you can pick three colors and put them in a click pen. This is pricey at $7.50 and the 3-color pen is thicker than I’d like, but the convenience of having black plus two accent colors (I write action items in red) is hard to beat.

As a pocket pen for small notebook use, the Muji pen is great. This isn’t the pen for writing on a crumpled up paper bag or to letter a sign, but in the little private world formed by my head, my hand and my notebook, it’s just about perfect. My moleskine now gets constant rather than sporadic use, and that more than anything is what puts this pen in my pocket every day.

Python3 Upgrade Is So Easy

I just upgraded Planeteria to Python3. It took half an hour. I ran 2to3, upgraded some dependencies, ran 2to3 on a few manually and I was done. It just worked. Like magic.

Now to do some upgrades and deploy it.

Blog hit

Oh look, an article about OpenITP.

Swapping Rodents

A few months ago, Georgia Bullen and I spent a bunch of time trying to remember what company had the “travel squirrel”. Searching the web for “travel squirrel” didn’t help, and now the travel squirrel is a running joke in our office.

Fast forward to tonight, when I ran into Alexis Ohanian on Amtrak. We started talking about his work with Hipmunk, and he told me the key to capturing the big fat middle of the non-business travel market is to get that person who takes one trip a year to think of Hipmunk when they book. I told him about the travel squirrel and we decided that if people like me and Georgia can’t tell a squirrel from a chipmunk, we need to teach Google that when folks request the travel squirrel they really mean a different wandering rodent entirely.

Incidentally, Alexis drew the logo. He allowed that maybe it looks a little squirrely. It was kind of him.

Kickstart Open Source!

Friends, I just backed a Kickstarter that I think you should know about. Seven years ago, Karl Fogel wrote a book that became the manual for doing open source software projects. He’s crowd funding the revision. As a community, we need this book to get updated. I invite you to contribute. Thanks.

Disclaimer: In various contexts, Karl is my boss, my co-worker, my employee, and my business partner. In all those contexts, he’s also my friend.