Karaoke time! Click for the melody to sing along…
OpenSSL is the boring but enormously important piece of open source encryption software that’s used by just about everybody and his dog.
In April 2014 websites everywhere were struck by an OpenSSL bug that allowed attackers to trick them into revealing fleeting glimpses of data that just happened to be in memory on the server at the time.
Most often, the fragments of data revealed by the bug contained boring and unimportant data, but once in a while, secrets such as server encryption keys were blurted out.
Paul Ducklin explained how it all worked in his usual technical-yet-comprehensible way:
And for your chance to win an exclusive, limited edition, Naked Security T-shirt, work out the answer to Paul Ducklin’s Heartbleed brain teaser below…
We need to know your email address so that we can contact you if you’ve won. When we contact you, we’ll need your T-shirt size, a delivery address and a contact number so we can ship your prize. We won’t use any of your personal details for anything other than this competition.
Entries close at 23:59 Pacific Standard Time (UTC-8) each day. Sophos staff, those professionally connected to the company, and their families, are welcome to submit answers for fun, but can’t win. T-shirt styles may vary from those depicted. Sophos’s decision is final, and so on. Please read our official competition terms and conditions.
What was Day 2’s answer?
On Day 2, we asked you how by how many days Windows Server 2003 would officially outlive Windows XP.
Very simply put, we wanted you to calculate the number of days between these Microsoft-specified dates:
Those are both Patch Tuesdays, of course, and the de facto release time for Microsoft’s updates is 10am Seattle time, so we assumed a precise number of days with no rounding needed.
We didn’t want you to count inclusively, where you treat even one minute to midnight as “all of today”, and one minute past midnight as “all of the next day,” and round up those two minutes to two days.
We accept that some people count, or used to count, that way.
In biblical times, for example, it was perfectly usual, which is why there’s a famous quotation from Jesus that goes, “Today, and tomorrow, and the third day.”
He didn’t mean, say, Monday, Tuesday and Thursday; he meant three consecutive days, adding in both the first and the last.
But we wanted a 21st-century days-between-dates calculation, so those of you who said 463 were, sadly, incorrect.
The answer we wanted was: 462 days.
By the way, that’s 223 days from today (2014-12-03), which is just a touch over seven months.
How’s your Server 2003 replacement plan going?