Friday, April 11, 2014

Heartbleed SSL Issue and BBRTS

Just a heads up for those of you using the HTTPS (Secure) version of the website and using the site to purchase subscriptions.

We were not now, nor have we ever been exposed to the Heartbleed SSL security issue.  We subscribe to all security updates as they become available, but this particular issue did not impact any of our websites or credit card processing services.

We currently score an "A" with SSL Labs.  Most major banks only score "A-" and as of today... the NSA and FDIC both score an "F".  Something to be said about an Adult site having better security than the FDIC, but you would expect nothing less from us.  We take your information and privacy seriously.

If you are concerned about websites you use, you can test them by going to the Qualys SSL Labs testing site:

https://www.ssllabs.com/ssltest/analyze.html


They are an industry leader in SSL Testing and Security/Penetration Testing for Security.

We have had a couple of reports by members claiming we are not secure.  In every case, the test tool  made an assumption that because we use Apache Web Servers, we were exposed.  According to those simplistic testers... 60% of the web is exposed as Apache Web Servers are the worlds most popular. It is always a good idea to use a reputable source (like SSL Labs) for such issues.

BBRTS Support