Heartbleed bug

On the morning of April 8, our web development team began addressing a solution to secure the Sht Lst servers, Sht Lst users, and all online complaint data from the Heartbleed bug. If you’re unfamiliar with the Heartbleed bug, please read this first.

In addition to Heartbleed bug having a cool name and logo, it also poses very serious threats to our online security. About two-thirds, or 66%, of all websites use open-source web servers like Apache and nginx. That means, if our math is right (and it is) 66% of all websites were (or, still are) vulnerable to Heartbleed bug-related attacks.

If this “nerdy stuff” bores you, simply read the following takeaways.

Our awesome team of developers:

  • Addressed the Heartbleed bug immediately
  • Updated and secured all servers, applications, and databases
  • Notified and informed our user community of the Heartbleed bug

If you’re still with us, thanks for your time…

More about the Heartbleed bug:

Google security researcher Neel Mehta first discovered Heartbleed bug on March 21. You will recall from about the first sentence in this post that we were notified (along with the majority of the rest of the world) about the Heartbleed bug on April 8. While we could have taken measures to address the issue within those eighteen days, OpenSSL didn’t release a patch

Unfortunately, the Heartbleed bug has been in existence since March of 2012, so there is no telling how far or wide the Heartbleed bug has spread. That being said, we take online privacy very seriously and are dedicated to creating a safe, secure, and spam-free experience for our Sht Lst users.

How we protect your privacy online:

On all of our public-facing websites we use SSL certificates, evidenced by the https:// preceding the URL. SSL certificates keep the information transmitted between your device and our website private and between us.

To learn more about SSL certificates, check out Private By Default.