|
|
|
30
To no one's surprise, Google has confirmed that Iran is indeed blocking services that use SSL, at least part of them but probably all, but also other services such as YouTube. The move comes after plenty of similar attempts by the authorities there. There are even plans to build an alternative internet that woul... |
13 February 2012
16:40 GMT |
 |
|
Microsoft released a number of seven security bulletins for January 2012 that address vulnerabilities found in Windows Media, Windows ClickOnce application installer, Windows Object Packager, the operating system’s Kernel, and the now famous SSL/TLS protocol weakness dubbed BEAST. The vulnerability in the SSL ... |
11 January 2012
02:56 GMT |
|
|
Untangle Gateway Platform, a Linux-based network gateway with pluggable modules for network applications like spam blocking, web filtering, anti-virus, anti-spyware, intrusion prevention, VPN, SSL VPN, and firewall, is now at version 9.1.1. Untangle Gateway Platform 9.1.1 comes with a lot of fixes and changes, such a... |
28 December 2011
06:10 GMT |
|
|
Google security researchers Ben Laurie and Adam Langley propose a new way in which digital certificates are issued and verified, to make sure that situations in which CAs issue them unknowingly will become rare or even inexistent.
In a paper called “Certificate Authority Transparency and Auditability,” L... |
30 November 2011
05:43 GMT |
|
|
In a very short time the SSL BEAST research will be revealed and web browser vendors will have to come up with ingenious ways of protecting their products not to lose the admiration of their fans.
The easiest way to fix the problem would be to upgrade to the newer versions of the security protocols implemented so ... |
23 September 2011
09:52 GMT |
|
|
Researchers discovered that the encryption that's supposed to protect us while surfing the web is totally exploitable by hackers with the necessary know-how.
According to The Register, Thai Duong and Juliano Rizzo plan to demonstrate a proof-of-concept code which will prove that SSL protocols are not as secur... |
20 September 2011
08:25 GMT |
|
|
Earlier this year, Twitter made secured HTTPS connections to its main site the default for everyone. It was a great move forward for user privacy and security, but there was more to be done. Now, Twitter has announced that it has expanded its HTTPS support to the embedable buttons used by third party websites to twee... |
17 September 2011
05:51 GMT |
|
|
Mozilla is making available two new security-strengthened versions of Firefox for Mac OS X, Windows and Linux, advising all customers to update immediately. The releases revoke the root certificate for DigiNotar due to fraudulent SSL certificate issuance.An entry over at the Mozilla Dev Center posted by Christian Leg... |
7 September 2011
07:36 GMT |
|
|
Millions of Windows Live Hotmail users worldwide have already opted to add extra security to their email communication by enabling full-session HTTPS encryption (SSL) for their accounts. In fact, in excess of two million people leveraged the opt-in Secure Sockets Layer cryptographic protocol protection for Hotmail t... |
8 July 2011
07:59 GMT |
|
|
An upgraded version of the Outlook Hotmail Connector (both the 32-bit and the 64-bit flavors) is now available for download from Microsoft enabling customers to benefit from the security advantages of the Secure Sockets Layer cryptographic protocol. Alessio Roic, Outlook Senior Program Manager stressed that the late... |
8 July 2011
05:23 GMT |
|
|
Back in November 2010, Microsoft upgraded its free email service with full-session HTTPS encryption, and it’s now the turn of the company’s free email client to benefit from secure socket layers, or SSL. The software giant has made available for download a new version of Windows Live Essentials 2011, Bui... |
7 July 2011
03:58 GMT |
|
|
Google introduced an encrypted version of its website a year ago and has since been working on tweaking and improving it. It hasn't made much fuss about it, but the secured version is still getting updates and improvements, the latest being a rather big one, support for Image Search.Google Image Search can now b... |
23 May 2011
11:30 GMT |
|
|
Way back in Google Chrome 9, which means late last year, Google introduced SSL False Start, a method of speeding up SSL handshakes enabling websites that use the secured protocol to load faster and removing some of the overhead of using an encrypted connection.SSL False Start is more or less a hack, Chrome simply ski... |
19 May 2011
05:30 GMT |
|
|
After announcing a somewhat crippled HTTPS implementation a month ago, Facebook has made significant progress towards fixing the issues, like enabling the chat functionality.Google is clearly pushing HTTPS into the mainstream by enabling it by default for services like Gmail, Docs, Calendar and more recently, Picasa ... |
23 February 2011
09:15 GMT |
|
|
Google has enabled default HTTPS connections for Picasa Web Albums, proving yet again that complex mainstream services used by millions around the world can be secured with SSL/TLS without major problems.For years, online service providers have used SSL for the authentication process in order to protect clear text pa... |
15 February 2011
11:51 GMT |
|
|
Hotmail announced yesterday that it was offering its users the possibility to take advantage of encryption when using the Hotmail free e-mail service.This will be possible once the HTTPS (Hypertext Transfer Protocol Secure) for Hotmail is enabled, which will encrypt your data just like it does when you sign in, via s... |
10 November 2010
07:13 GMT |
|
|
GitHub, one of the largest code hosting repositories and collaborative development platforms in the world, started to enforce HTTPS, as the default and only method of accessing the website.HTTPS (HTTP Secure) is a combination of the Hypertext Transfer Protocol and the SSL/TLS protocol and is used to encrypt communica... |
3 November 2010
06:56 GMT |
|
|
About a month ago Google introduced a great new feature for the more security conscious, encrypted search. Visitors to https://www.google.com would have their entire session encrypted making it almost impossible to intercept by a third-party. It was a great win for privacy but a very particular problem arose, schools... |
26 June 2010
04:41 GMT |
|
|
Google’s move to a more secure search engine has created some unexpected problems for schools and presumably any other organization that filters the web. The search engine introduced an encrypted version in beta last month, a move hailed by privacy advocates and security experts. However, some schools are now w... |
9 June 2010
11:30 GMT |
|
|
Google has extended SSL coverage to its biggest service yet, the Web Search. The new encrypted search offers significant privacy protection at virtually no cost. The HTTPS (Hypertext Transfer Protocol Secure) is a protocol that makes use of SSL/TLS to encrypt HTTP communications. Even though HTTPS dates back to the ... |
24 May 2010
10:48 GMT |
|
|
A report by The Mac Security Blog, managed by security firm Intego, points out that Apple has updated its cloud-based service, adding some new features. Particularly, MobileMe now sports improved security in all of its web-based apps, Intego has found. “The change is the addition of SSL (Secure Sockets Layer), ... |
24 May 2010
02:46 GMT |
|
|
Google kept this one until after the Google I/O 2010 conference, but it’s certainly a big announcement. Google has now enabled SSL (Secure Sockets Layer) encryption of its search engine ensuring that any web search user’s conduct stays private. The feature is labeled as a beta and isn’t the default ... |
22 May 2010
04:30 GMT |
|
|
After security researchers and privacy advocates begged Google for years to enable HTTPS on Gmail by default, the company finally decided to do it. The most important consequence is that users checking their email from insecure networks will be protected from Man-in-the-Middle attacks. For well over a decade, the Hy... |
14 January 2010
11:35 GMT |
|
|
Following the mid-September launch of the Microsoft Ajax CDN (Content Delivery Network), the Redmond company promised that it would be adding support for Secure Sockets Layer in the future. At the end of November, the software giant managed to deliver on that promise, and now the Microsoft AJAX CDN service provided b... |
2 December 2009
04:28 GMT |
|
|
Two weeks after Moxie Marlinspikes and Dan Kaminsky revealed null byte SSL exploits in Mozilla software, the recent security update from the Thunderbird crew comes to completely fix Mozilla's SSL certificate handling problems. Previous security updates patched the Firefox browser (3.5.2 and 3.0.13), and can be f... |
21 August 2009
08:59 GMT |
|
|
For many developers, the hassle from working with SSL can be replaced with a simple JavaScript library called JCryption. Released on August 2, 2009 by Austrian developer Daniel Griesser with collaborations from the jQuery Development Team and Andrew Shapiro from JS-Library, it boasts being a real easy and fast soluti... |
12 August 2009
09:50 GMT |
|
|
Security researcher Moxie Marlinspike demonstrated at the Black Hat security conference how an SSL certificate issued for a domain name containing a null byte could be used to spoof any address on the Web. The researcher incorporated the technique into a man-in-the-middle tool called SSLSniff, which he initially rele... |
30 July 2009
10:17 GMT |
|
|
The Carnegie-Mellon University (CMU) made available a Firefox extension developed at their School of Computer Science and College of Engineering that improves security in Firefox by protecting against man-in-the-middle attacks. The extension, named Perspectives, is available only for Firefox 3 and works on Windows, L... |
26 August 2008
09:05 GMT |
|
|
A tool that automatically steals IDs of non-encrypted sessions and breaks into Google Mail accounts has been presented at the Defcon hackers' conference in Las Vegas.Last week Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, and ... |
11 August 2008
11:57 GMT |
|
|
Accessing the Google Account through AdWords, AdSense, Analytics is proving rather tricky these days, and not only for the services mentioned above, but for every Google property that requires SSL certification. Nobody wants to see a security warning when they want to see how well their advertising is going, thoughts... |
6 March 2008
15:51 GMT |
|
|
Change the way you're thinking about the SSL certification, for it is not that safe, researchers from Netcraft advised. Don't go rushing ahead and provide all the personal information, for it might get stolen, and other phrases to that effect. Why's that? Because the companies assuring that the site is... |
6 March 2008
08:36 GMT |
|
|
Securing data from web-based applications is just an aspect of keeping information safe. In this context, an encryption framework will do the trick of keeping sensitive data confidential. And this is where Secure Socket Layer and Transport Layer Security come into play, along with Apache. When it comes down to bridgi... |
7 January 2008
06:12 GMT |
|
|
|
|
Find us on Google+
