Reply to post: Heartbleed: 1173 to 86; Drown: 653 to 620

Cloud sellers who acted on Heartbleed sink when it comes to DROWN

sysconfig

Heartbleed: 1173 to 86; Drown: 653 to 620

See the difference in the starting figures? 520. It likely means that a huge number of providers (cloud or otherwise) were not suspectible to Drown to begin with, because they ditched SSL v2 ages ago -- like any sensible person would have done.

So the majority of those 520 providers were never among the 33 companies which have responded to Drown, because they didn't need to.

You can't take numbers at face value and completely ignore that only stupid providers would still have been suspectible to Drown after it hit the headlines, because SSL v2 and v3 have been known to be unfit for purpose for quite some time now and sensible providers and sys admins would have known that.

Skyhigh Networks' Cloud Security Labs have discredited themselves, and El Reg shares the guilt for believing and blindly printing what the EMEA Marketing Director said...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020