If you are affected by DROWN you are an idiot

Drown is the latest vulnerability in OpenSSL. Essentially it allows an attacker to decrypt your TLS session and get data out of that session.

The thing is, it is based on a vulnerability in SSLv2! Here lies my problem with this: SSLv2 has been known to be insecure for ...

more ...