Our Weblog //

Pinitto.me gets a security upgrade

As of this moment the pinitto.me proxy code now protects users from the TLS BEAST attack.

What does this mean? Well as an every day user you won’t notice any difference but a BEAST attack is a way that a third party can decypt the secure connection between pinitto.me’s servers and your browser.

We use a wrapper around nodejitsu’s node-http-proxy module in order to serve requests to the actual pinitto.me node.js application, with the code being available on github: pinitto.me proxy code.

If you are interested in finding more out about the updated code and the fix please see lead developer Lloyd Watkin’s post on the fix: Protect nodejs from TLS BEAST attack.