An Interest In:
Web News this Week
- April 13, 2024
- April 12, 2024
- April 11, 2024
- April 10, 2024
- April 9, 2024
- April 8, 2024
- April 7, 2024
Some of Our Sources
- Simplebits
- Joshua Blankenship
- Spoon Graphics
- TutsPlus - Design
- Noupe
- Line 25
- Stylized Web
- Android Dissected
- Daily Now
- Hashedout
Help Webnuz
Referal links:
September 20, 2011 08:05 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/zQOJmzAizEw/Hackers-Break-Browser-SSLTLS-Encryption
Hackers Break Browser SSLTLS Encryption
First time accepted submitter CaVp writes with an article in The Register about an exploit that appears to affect all browsers and can decrypt an active TLS session. From the article: "Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that's passing between a webserver and an end-user browser."A full disclosure is scheduled for Friday September 23rd at the Ekoparty conference. Note that this only affects SSL 2.0 and TLS 1.0; unfortunately most web servers are misconfigured to still accept SSL 2.0, and TLS 1.1 and 1.2 have seen limited deployment. The practicality of the attack remains to be determined (for one it isn't very fast, but if the intent is just to decrypt the data for later use that isn't an impediment). 
Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/zQOJmzAizEw/Hackers-Break-Browser-SSLTLS-Encryption
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot