Free Heartbleed-Checker Released for Firefox Browser by Kelly Jackson Higgins.
From the post:
A developer today released a free add-on for Mozilla Firefox that checks websites for vulnerability to the massive Heartbleed flaw. Tom Brennan, founder of ProactiveRISK, says he wrote the tool after getting an overwhelming number of requests from family and friends about how to protect themselves from websites that are vulnerable to Heartbleed. “They just wanted their browser to tell them, like a radar detector,” Brennan says.
…
A similar tool for Chrome was released yesterday by developer Jamie Hoyle. The Chromebleed Checker add-in for the Chrome browser also warns users of Heartbleed-vulnerable sites.
If you discover a Heartbleed susceptible site, tweet #heartbleed (URL of site).
BTW, don’t be discouraged by pieces like Open source software is more secure, right? So what happened with OpenSSL? by Barb Darrow.
What Barb misses is that with closed source software, a large part of the security industry and almost no customers would ever know what when wrong in the OpenSSL source code. With open-source, future code reviews can look for similar errors.
Another difference is that proprietary systems are always “just good enough to ship,” and open-source software has the opportunity (not a certainty) to get better over time.
I think those are two large differences.
You?