OVH Community, your new community space.

SSL bug Heartbleed

04-14-2014, 11:13 AM
Even though you were not affected by Heartbleed why is Perfect Forward Secrecy (PFS) disabled on hubiC? If a similar bug is discovered in future that potentially expose private keys only PFS would prevent decrypting data that has been transferred in the past.

I was asking the same question a few months ago and I got the reply that you guys need to test PFS first. When are you going to finish testing PFS?
hubiC could be very attactive for many people as you don't fall under US jurisdiction. But the missing PFS makes me feel a bit unsafe.

I can't wait to see an "A" rating in the SSL report some day:

Kind Regards.

04-11-2014, 09:54 AM
Hi Lordbaltimore,

OVH Products, hubiC included, are not affected by this SSL Bug. Indeed, we use some Cisco products that are not using OpenSSL. So, you dont had to change your password.

If you want to know about details on our products, you could see this page :


04-11-2014, 06:22 AM
Hey guys, is hubiC affected by the SSL bug Heartbleed? If so, do you have fixed it yet? Is there any need to change password? Regards.