We have received many questions from our users regarding the omnipresent Heartbleed bug in OpenSSL, a library that is used in many web services and also in our own applications, Shimo and Kiwingu. That’s why we want to inform you about the impact of this bug on your secure VPN connections and cloud storage access.
First of all: You are completely safe!
In both cases, with Shimo and Kiwingu, SSL may be used for authentication, but the heartbleed bug is primarily critical when employed on a secured server. Therefore your remote endpoint (e.g. VPN server or cloud storage provider) needs to make sure that the Heartbleed bug is fixed. The client side (our applications) is not affected and cannot be exploited to expose any information.
Nevertheless, the latest beta versions of our applications will be bundled with a fixed version of the OpenSSL library, which does not contain the Heartbleed bug anymore. This does not add anything to your internet security (as the current versions are already safe), but it makes sure that our applications are up-to-date with the latest security developments.
The latest and greatest versions of Shimo and Kiwingu can be purchased with a discount of 25% for the next seven days. The corresponding coupon code is HEARTBEAT and can be used in our ChungwaStore.