On 26/09/2014 5:01 PM, Peter Ross wrote:

From: "Rohan McLeod" <rhn@jeack.com.au>

...

Any news regarding mobile phones and routers etc ?

I have an older QNAP NAS appliance (used for backup) that is vulnerable as well.

Why not run Debian on it? I used funplug on my old D-Link DNS343 NAS units, one of two out of service now, the other out of service soon -- NOT Internet accessible at all. I've installed Debian Wheezy on Thecus N4800eco units now, these were to replace the D-Link gear.

On an Apple, I wonder what breaks if you point sh and bash to ksh (until the fix comes in) Probably not much.

Apple had another great fail with iOS 8.0.1 -- apparently the same person approved it as for their maps debacle; at least they've got 8.0.2 out now (not that I use any iDevice myself). I don't expect Apple to be quick with a fix, OS X Mavericks is quite old for openssl too, too old for heartbleed. In the past when Apple made themselves responsible for their /own/ Java builds, they were very slow to fix them as well. Suffice to say, I wouldn't count on /perfect/ Apple to fix this bash problem quickly, but I would be happy to be proved wrong. Cheers A.