> 1. inclusive of [1..3] above > 2. replace all operating systems > 3. audit or replace all user data
And also burn the hardware, given that if you're assuming the worst-case scenario, all your firmware is now replaced with that of Roomba. I mean, it's a very cool bug. I'm jealous of Neel. But it's also one of the most weird PR cycles I have seen in recent history and I don't think it happened entirely on its own. I think it's funny that apparently the first thing Codenomicon did was to register heartbleed.com on Saturday - and then waited with contacting OpenSSL for at least two more days, as if that mattered less. /mz _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
