SSL Pulse: 49% vulnerable to CVE-2014-0224, 14% exploitable because they’re running a newer version of OpenSSL. The problem is exploitable only if both sides use OpenSSL and the server uses a vulnerable version of the 1.0.1 branch. The good news is that most browsers don’t rely on OpenSSL, which means that most browser users won’t be affected. Android browsers are vulnerable to this attack and many command-line and similar programmatic tools use this.”]

