Two weeks after Moxie Marlinspikes and Dan Kaminsky revealed null byte SSL exploits in Mozilla software, the recent security update from the Thunderbird crew comes to completely fix Mozilla's SSL certificate handling problems. Previous security updates patched the Firefox browser (3.5.2 and 3.0.13), and can be f... |
21 August 2009
08:59 GMT |
 |
|
For many developers, the hassle from working with SSL can be replaced with a simple JavaScript library called JCryption. Released on August 2, 2009 by Austrian developer Daniel Griesser with collaborations from the jQuery Development Team and Andrew Shapiro from JS-Library, it boasts being a real easy and fast soluti... |
12 August 2009
09:50 GMT |
|
|
Security researcher Moxie Marlinspike demonstrated at the Black Hat security conference how an SSL certificate issued for a domain name containing a null byte could be used to spoof any address on the Web. The researcher incorporated the technique into a man-in-the-middle tool called SSLSniff, which he initially rele... |
30 July 2009
10:17 GMT |
|
|
The Carnegie-Mellon University (CMU) made available a Firefox extension developed at their School of Computer Science and College of Engineering that improves security in Firefox by protecting against man-in-the-middle attacks. The extension, named Perspectives, is available only for Firefox 3 and works on Windows, L... |
26 August 2008
09:05 GMT |
|
|
A tool that automatically steals IDs of non-encrypted sessions and breaks into Google Mail accounts has been presented at the Defcon hackers' conference in Las Vegas.Last week Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, and ... |
11 August 2008
11:57 GMT |
|
|
Accessing the Google Account through AdWords, AdSense, Analytics is proving rather tricky these days, and not only for the services mentioned above, but for every Google property that requires SSL certification. Nobody wants to see a security warning when they want to see how well their advertising is going, thoughts... |
6 March 2008
15:51 GMT |
|
|
Change the way you're thinking about the SSL certification, for it is not that safe, researchers from Netcraft advised. Don't go rushing ahead and provide all the personal information, for it might get stolen, and other phrases to that effect. Why's that? Because the companies assuring that the site is... |
6 March 2008
08:36 GMT |
|
|
Securing data from web-based applications is just an aspect of keeping information safe. In this context, an encryption framework will do the trick of keeping sensitive data confidential. And this is where Secure Socket Layer and Transport Layer Security come into play, along with Apache. When it comes down to bridgi... |
7 January 2008
06:12 GMT |
|
|
