Y
Hacker News
new
|
ask
|
show
|
jobs
by
ceejayoz
4449 days ago
Is this something I have to worry about as someone who uses AWS ELB SSL offloading? Hard to tell from the docs.
1 comments
trapexit
4449 days ago
Yes.
https://forums.aws.amazon.com/thread.jspa?threadID=149690
link
nicpottier
4448 days ago
Note that until it gets patched, you can go to your ELB config and disable TLS support, which I believe (someone please correct me if not) will protect you from this particular attack. Whether the cure is better than the disease is up to you.
link
ccpost
4448 days ago
Disabling TLS in the ELB config seemed to work for me until AWS finishes the patch rollout. (Looks like they're partway on the rollout.)
link