Skip to content

Xojo Cloud and Heartbleed

This week, a major vulnerability, referred to as “Heartbleed” was discovered in OpenSSL. Bruce Schneier, who blogs about Internet security, called it, “catastrophic” and “on the scale of 1 to 10, this is an 11.” Heartbleed has left just about anyone with a server scrambling to find out if their version of OpenSSL is affected or not and then taking measures to update OpenSSL and make sure everything is working again.

The moment we heard about Heartbleed we checked Xojo Cloud. It was vulnerable. Fortunately, because all Xojo Cloud servers are the same, we were able to quickly and easily update them all to a safe version of OpenSSL. Additionally, we easily identified those servers that had SSL certificates installed and notified the users that they should get their SSL certificates reissued.

This is one of the advantages of Xojo Cloud. When internet security catastrophes come along, we deal with them for you. There are cheaper hosting solutions of course but they leave all the security and maintanence to you. Some hosting companies offer “managed” servers where they do the maintanence for you. However, managed servers are almost always far more expensive than the Xojo Cloud.

BTW, it’s almost a guarantee that you have an account on some websites that were vulnerable and thus you should change your passwords. Mashable has a post with a list of many popular but vulnerable sites. We have a post that discusses this as well.