TechSpot

tls articles

OpenSSL now protects against Logjam attack

With help from the Linux Foundation’s Core Infrastructure Initiative (CII) and the NCC Group, the OpenSSL project has patched a number of moderate- and low-level security vulnerabilities in the latest releases of its software.

Google discovers vulnerability in SSL 3.0 dubbed 'Poodle'

Google has published details of a vulnerability in the design of SSL version 3.0. The attack, referred to as POODLE (Padding Oracle On Downgraded Legacy Encryption), allows the plaintext of secure connections to be calculated by a network attacker according…

Google set to enforce tighter SSL security in Chrome

Google is setting out higher standards for security in Chrome and other products created on it. The company is outlining major changes to its enforcement of SSL/TLS certificates on a post to the CA/Browser Forum Public Discussion List.

Facebook enables secure browser connections by default

The world’s most popular social network recently implemented an additional layer of security by migrating to https by default. That means that almost all users visiting Facebook via the web or over mobile will now do so through a secure…

Compression flaw may allow for HTTPS hijacking on some browsers

Security researchers have discovered a SSL-based compression flaw which allows hackers to hijack HTTPS-encrypted web sessions. HTTPS, or HTTP Secure, is the same protocol used by online stores, banks and other websites to encrypt the sensitive data transmissions across the net.  …