Browsing Category: Cryptography

james comey

Mobile Device Encryption Could Lead to a ‘Very, Very Dark Place’, FBI Director Says

FBI Director James Comey said Thursday that the recent movement toward default encryption of smartphones and other devices could “lead us to a very, very dark place.” Echoing comments made by law enforcement officials for the last several decades, Comey said that the advanced cryptosystems available today threaten to cripple the ability of intelligence and law[...]

Read more...

new lock old lock_SSL keys

OpenSSL Releases Patch for POODLE Attack

The OpenSSL Project has released a new version of the encryption software, which patches several security flaws, including the bug that is exploited by the POODLE attack on SSLv3. The updated versions of OpenSSL come just a couple of days after a trio of researchers at Google revealed the POODLE attack, which allows an attacker to[...]

Read more...

lock screenshot

Browser Vendors Move to Disable SSLv3 in Wake of POODLE Attack

With details of the new POODLE attack on SSLv3 now public, browser vendors are in the process of planning how they’re going to address the issue in their products in a way that doesn’t break the Internet for millions of users but still provides protection.

Read more...

ones and zeroes

New POODLE SSL 3.0 Attack Exploits Protocol Fallback Issue

A new attack on the SSLv3 protocol, disclosed Tuesday, takes advantage of an issue with the protocol that enables a network attacker to recover the plaintext communications of a victim.

Read more...

iphone 5s

Experts Laud Changes to iPhone, Android Encryption

The changes that both Google and Apple have made to their mobile operating systems to encrypt the data on users’ devices have generated praise from the security and privacy communities and vitriol and criticism from the law enforcement and political worlds in equal measure.

Read more...

locks

CloudFlare Rolls Out Free SSL

In a move that will essentially double the number of SSL-protected sites on the Web in the space of 24 hours, CloudFlare on Monday said that it was enabling SSL for all of its more than two million customers for free. The new service is called Universal SSL, and the company is making it available[...]

Read more...

mozilla patches

Mozilla Patches RSA Signature Forgery in Firefox, Thunderbird, NSS

Users of Mozilla products should update Firefox, NSS, SeaMonkey and Thunderbird in order to obtain fixes for a bug that could let an attacker forge RSA certificates and perform man-in-the-middle attacks.

Read more...