Unfortunately we had a few customers stuck though; their OpenSSL libraries were embedded in commercial software that they couldn't quickly upgrade. One of our VPs reached out "Is there anything we can do here?"
-
-
What time are you landing at OTP? :-)
-
AMS first, then OTP at 1:30PM local time!
End of conversation
New conversation -
-
-
In addition to s2n, Heartbleed also triggered the creation of AWS Certificate Manager. At the beginning of 2014, we were working on a project to start a public CA at AWS.
-
We heard from customers that certificates were expensive and hard to buy, so we were trying to fix that pain point. At the time, to use certificates on AWS, you uploaded your key and certificate chain to AWS IAM.
- 8 more replies
New conversation -
-
-
Fun read. Thanks for sharing!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I was on stage at the AWS Sydney Summit the day after this; the first that many customers heard about Heartbleed was at the same time that all ELBs worldwide had been patched. Many relieved faces in the audience.
-
Was also nice to point out how AWS Secret keys were unlikely to be compromised by this on API endpoints (Secret keys never traverse the wire after issuance).
End of conversation
New conversation -
-
-
Can you say more about the logistics of hotpatching OpenSSL & deploying the patch? This is not trivial at a lot of companies with baked images etc
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Did Bezos make sure you got a good bonus that year (or was it the usual jam-tomorrow stuff)?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
As someone working in the industry, I don't know where to begin with how impressive the almost throw-away "I wrote a TLS/SSL implementation in 5 weekends, on my own" is; or how I would be completely paralyzed by the fear of making the same mistakes as OpenSSL..
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.