If you read the technology press, you will have seen a flurry of articles about the Heartbleed Bug this week. This bug is a serious vulnerability in OpenSSL, a software library used by a large number of web sites to deliver their services over encrypted connections, including EnergyDeck.
The security advisory about this vulnerability was first sent out on Monday night and we received it on Tuesday morning. We immediately took steps to verify whether the EnergyDeck site was impacted, discovered that it was and patched the system. This was done through an emergency fix by midday Tuesday.
Revising our security configuration and procedures is a normal process at EnergyDeck and we do it regularly to ensure that every issue is dealt with as quickly as possible. In this particular case, we are indebted to the open source community and in particular the Debian project for releasing a patch very quickly after the initial vulnerability was disclosed.