720-891-1663

Symantec Issues More Unvalidated SSL Certificates

Symantec, who is already on probation for issuing inappropriate SSL certificates, issued more than a hundred additional “illegit” certificates. SSL certificates – more technically TLS certificates – are the bits of technology required to make those “secure” web sites work. Certificates are issued by certificate authorities (CAs) – organizations who have supposedly set up processes […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Another SSL Attack – But Don’t Panic

SSL and TLS, the security protocols that protect most of our banking and ecommerce transactions is a complicated beast – more so due to the the many options it offers. ars technica in an article titled “Noose around Internet’s TLS system tightens with two new decryption attacks”, discussed a paper presented at Black Hat Asia that describes […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Is SSL Broken

While every single bank and ecommerce provider tells you that SSL (or HTTPS) is wonderful and fully protects you, unless they are on drugs, they don’t really believe that.  From their perspective, the risk is manageable and they would rather reimburse you if you can prove their SSL connection leaked AND cost you money than […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Is your encryption secure? – Sure, just like flying pigs (keep reading)

Der Spiegel wrote an article on efforts by the NSA and GCHQ (their British equivalent) to crack encryption of various sorts. Take the article at what it is worth;  it is based on documents that Snowden released, so it is a little bit old. I apologize that this post is pretty long, but there is […]

Continue reading → [DISPLAY_ACURAX_ICONS]