The tech press (and for a time the mainstream press) has been full of news recently about something called “Heartbleed”.
Heartbleed is the name which has been given to a serious flaw detected in OpenSSL, an open source toolkit used on many thousands of servers across the internet to handle security and encryption. The identified flaw allows information from the memory of the server (which would usually be protected) to be extracted in small chunks by someone acting maliciously. Often this will extract mundane and essentially useless information, however it is possible that this attack could extract sensitive data such as usernames and passwords, and place them in the hands of the attacker.
So what does this mean for PharmiWeb?
Within 24 hours of the vulnerability being made public we checked all of our public facing websites which use SSL encryption; all certificates were found to be secure, and did not require any patching against the new bug. We do not actively use OpenSSL for any of our encryption, so this was to be expected.
However, some big name, global services have been impacted by the vulnerability, so it would be prudent to update your credentials for any affected services who have patched their servers. A full list of those known to have been affected can be found at the following site:
If any of you has been in receipt of multiple applications from the same candidate (in a short space of time), we have this week just implemented a fix to tighten this up. Essentially some candidates were multiple clicking the “Apply” button, or refreshing a page once their application had been processed.
We’ve now put a check in place so that this should no longer happen, unless the candidate specifically says “yes I want to re-apply”. This is also the case if the candidate applies for the same job at ANY time in the future.
Hopefully this will help filter out any duplicates you might have been getting
We’ve updated the CV database “email me this CV” function, as it had a problem displaying in the latest Internet Explorer, and you couldn’t see the submit button!
All sorted now!
If you’re a recruiting client of PharmiWeb, here’s a chance to tell us what you think!
Its only a single page… but will help us refine our development plan, and also target the right individuals in our candidate attraction strategy.
It seems we had a problem processing some job applications last week due to a bottleneck in sending emails. The applications have not been lost, so we’re currently working through the backlog to re-process them in batches.
This has not affected all applications, but unfortunately does mean some clients may receive duplicate applications (although they will not be recorded twice in the stats or reports) when we re-process them
The issue was resolved rapidly as soon as we were aware of it, so hope you can bear with us while the backlog is processed.
As part of our plan to bring all our login processing into one place (job posting, CV database, candidate etc) and make everything more secure, we’re rolling out a new registration and processing system.
Initially users shouldn’t “feel a thing”, as this will be changes behind the scenes. This should be complete mid November. if anyone does experience any login problems, simply email me and I’ll sort it out!
The next stage is to import client users and merge CVDB accounts with job Posting Accounts. This will mean that each user will have a unique email and password combination, and it will give a user access to both systems (where contracts allow).
Once this is complete we will be updating all our “registration” pages.
If anyone has any problems just email email@example.com
You may have noticed, we’ve updated the email you get when a candidate applies for a job. This is part of an ongoing upgrade to bring all our emails into a new template and structure, and so we’ve been rolling this out over the last few weeks. This brought to light an issue that truncated cover letters on the application email, but this has now been resolved.