Don't have an account? Create Now!


LoginLog in to manage your personal or business account with us.

Lost password?

Already have an account? Login in here


Sign upRegister now to gain access to applications, free credits and resources.

Forgot PasswordWe will reset your account and provide an email confirmation.

Our Applications

What we do..

Core products, applications and services to extend your capabilities.

Jobs

Ninjas handle everything from your tasks and projects to development for you. All you need to do is pick the service you want done and add some details, and we will take care of the rest!

Membership

Get the best out of our apps and services by subscribing to our cost-effective Membership Plans. Get unrestricted access to all under one roof..

Cloudlets

With the help of Ninjas and Cloud technologies, you can easily build, design and manage your websites & applications. Choose from over 132 different cloudlet apps and themes.

Credits

Credits offer a uniform currency exchange, employable around the world with no prejudice. You can easily top-up, manage payment options, set auto top-ups and more through it.

Ninja

Become part of our Ninja team and have access to amazing opportunities. Broaden your knowledge & experience levels. So why not join us now and take your career to the next level!

Interfacer

Leverage the power of One Spiffy’s strong APIs to incorporate your services and applications. In search of a precise API for your app? Contact us and we will be happy to help.

Still Exploring?

Let’s get you started now!

Simply provide us with your name and email address, we will do the rest.

2 minutes to read
Heartbleed Bug

Apr 13, 2014 | General, News, Social | 1 comment

With news breaking on Monday, April 7th that HeartBleed causes a vulnerability in the OpenSSL cryptographic library, which is used by roughly two-thirds of all websites on the Internet, we want to update on how this bug may have impacted our Infrastructure and clarify the actions we’re taking to protect our Customers, Clients and Partners.

What is the Heartbleed Bug?

By sending a specially crafted packet to a vulnerable server running an un-patched version of OpenSSL, an attacker can get up to 64kB of the server’s working memory. This is the result of a classic implementation bug known as a Buffer over-read

There has been speculation that this vulnerability could expose server certificate private keys, making those sites vulnerable to impersonation. This would be the disaster scenario, requiring virtually every service to reissue and revoke its SSL certificates. Note that simply reissuing certificates is not enough, you must revoke them as well.

What has been done?

Unfortunately, the certificate revocation process is far from perfect and was never built for revocation at mass scale. If every site revoked its certificates, it would impose a significant burden and performance penalty on the Internet. So, we’ve spent a significant amount of time talking to our DataCenter partners in order to ensure that we can safely and successfully revoke and reissue our customers’ certificates.

While the vulnerability seems likely to put private key data at risk, to date there have been no verified reports of actual private keys being exposed. Our Partners and Us received early warning of the Heartbleed vulnerability and patched our systems 12 days ago.

We’ve spent much of the time running extensive tests to figure out what can be exposed via Heartbleed and, specifically, to understand if private SSL key data was at risk.

Heartbleed is being taken so seriously because OpenSSL is widely used, essentially no servers locally encrypt their data the way we do, and it’s been exploitable for some time; and your data is safe with us as we further extend our Infrastructure and Capabilities.

0 Comments