My heartbleeds for you


(Tim Slagle) #1

Hey Smartthings team.

Can someone help shed some light on you usage of the openssl protocol that has the vulnerable heartbeat connection?

Do you use openssl? If so, what are your plans to update and patch the Smartthings infrastructure, if you haven’t done so already? Are our passwords encrypted with the same SSL keys that go over open internet or are they encrypted separately from SSL?

Maybe @urman can provide some insight here?

Thanks in advance for any insight you can provide.


(Todd Wackford) #2

Some answers here: http://build.smartthings.com/forums/topic/heart-bleed/


(Tim Slagle) #3

Thanks @twack

I looked and didn’t a forum topic… i swear im not “that guy” lol.