[kwlug-disc] Heartbleed affected sites

John Johnson jvj at golden.net
Tue Apr 15 09:50:43 EDT 2014


On 2014-04-15 09:20, Khalid Baheyeldin wrote:
> We are currently going through the painstaking process of analyzing 
> other fragments of data, some that may relate to businesses, that were 
> also removed."

Given the sheer volume of data that is flowing in the tubes, I would 
suggest that this would be much like looking for a particular cup of 
water in the Great Lakes.
And that any investigation or analysis would have to be executed on an 
exception basis as opposed to continuous.

That said, to be able to look at the 'fragments of data' means that a 
copy of the data would have to be stored somewhere and someway.
Or that they have a means to be able to determine what data would been 
available to the Heartbleed security breach.

> Is it simply that CSIS et al are they monitoring the forums that sell 
> the stolen info?

Yes.

> Or more ominously, are they monitoring the wire of all traffic to/from 
> CRA? 

Again, see above re: cup of water but this time, in the Grand River.

BTW: I think I recall seeing a post in this thread that said that an 
attack using the Heartbleed security breach was not traceable, did not 
leave fingerprints and thus could not be detected.

JohnJ







More information about the kwlug-disc mailing list