Just when you thought that we are done with the Heartbleed threat, there is some bad news to spoil the mood. As you remember, this was the most serious OpenSSL vulnerability, we have ever seen. The funny thing about it, though, is that we had 600,000 servers potentially jeopardized at the beginning of this unusual crisis. What is the situation right now?
Well, for what is worth, two months after the bug was discovered, we still have more than 300,000 servers left with no appropriate protection. Two months we had to deal with this trouble. And what have we done? We only cut it in half. This is a fantastic example, how we treat our security seriously. We are being ironic on this one. We hope that is obvious.
The trouble with the curve in this matter is that the knowledge about the potential security threat is not enough to eliminate it quickly and efficiently. How much more time do we need to eliminate the Heartbleed completely? Two more months, or maybe two more years? Yes, our dear friends, this is the reality we are living in.
The Heartbleed still bleeds, and there is nothing we can do about it. Can we? It seems that the pressure was not strong enough to make IT security experts do something seriously and quickly about it. Or, maybe we are exaggerating. Maybe, it is too much to ask while demanding to clean 600,000 servers in 6 weeks. Either way, we lose, for sure.