ssl/tls

Chrome to distrust Symantec certificates from next year

Chrome to distrust Symantec certificates from next year

Site operators urged to replace digital credentials.
Juha Saarinen Jul 31 2017 8:38AM Security
Symantec tricked into revoking SSL certs with fake keys

Symantec tricked into revoking SSL certs with fake keys

Journo tests legitimacy processes.
Juha Saarinen Jul 21 2017 3:36PM Security
Digital certificate use by phishing sites spikes

Digital certificate use by phishing sites spikes

Let's Encrypt, Comodo continue to issue credentials for fraudulent sites.
Juha Saarinen Apr 13 2017 6:08AM Security
Symantec slams Google's TLS cert penalty measures

Symantec slams Google's TLS cert penalty measures

Tech giants in public spat.
Juha Saarinen Mar 28 2017 7:30AM Security
Cloudbleed data leak flaw wasn't exploited: Cloudflare

Cloudbleed data leak flaw wasn't exploited: Cloudflare

Company to continue analysis of "extremely serious bug".
Juha Saarinen Mar 3 2017 6:33AM Security
Cloudbleed: When security means living with complexity

Cloudbleed: When security means living with complexity

[Blog post] It's difficult trying to do the right thing.
Juha Saarinen Feb 28 2017 10:00AM Security
Expired certificate locks US DHS staff out of systems

Expired certificate locks US DHS staff out of systems

DHS domain controllers said no to logins.
Staff Writers Feb 23 2017 9:30AM Security
Security products endanger customers through poor TLS interception

Security products endanger customers through poor TLS interception

Introduce Logjam, POODLE, CRIME and other vulnerabilities.
Juha Saarinen Feb 8 2017 12:15PM Security
Google sets up own root certificate authority

Google sets up own root certificate authority

Continues push towards secure HTTPS-based web.
Juha Saarinen Jan 29 2017 9:05PM Security
Symantec in another bogus digital certs blunder

Symantec in another bogus digital certs blunder

"Test" certificates revoked.
Juha Saarinen Jan 23 2017 9:00AM Security
Thousands of bogus certs issued after GoDaddy bug blunder

Thousands of bogus certs issued after GoDaddy bug blunder

Flaw unnoticed since July last year.
Juha Saarinen Jan 12 2017 9:52AM Security
HEIST attack breaches HTTPS in the browser

HEIST attack breaches HTTPS in the browser

Can tap into HTTPS comms without MITM position.
Greg Masters , Staff Writers Aug 5 2016 5:16AM Security
Respect my Certificate Authority!

Respect my Certificate Authority!

[Blog post] You should decide who to trust.
Juha Saarinen May 31 2016 2:30PM Security
Long way to go before the web is HTTPS protected

Long way to go before the web is HTTPS protected

Moving can be a struggle for site operators.
Juha Saarinen Mar 16 2016 9:21AM Security
OpenSSL fixes high-severity key recovery hole

OpenSSL fixes high-severity key recovery hole

Further hardening against "Logjam" attack included in update.
Juha Saarinen Jan 29 2016 9:25AM Security
Google dumps Symantec SSL certificate in Chrome, Android

Google dumps Symantec SSL certificate in Chrome, Android

No longer trusted.
Juha Saarinen Dec 14 2015 6:51AM Security
Scores of devices on Telstra vulnerable to silent data interception

Scores of devices on Telstra vulnerable to silent data interception

Digital key reuse leaves millions of network devices wide open.
Juha Saarinen Nov 27 2015 4:37PM Security
Dell owns up to eDellroot fake cert security gaffe

Dell owns up to eDellroot fake cert security gaffe

Posts removal instructions and pushes out software update.
Juha Saarinen Nov 25 2015 7:00AM Security
Fake digital certificates on Dell systems put users at risk

Fake digital certificates on Dell systems put users at risk

Superfish round two?
Juha Saarinen Nov 24 2015 6:36AM Security
Slew of snafus threaten integrity of SSL/TLS

Slew of snafus threaten integrity of SSL/TLS

[Blog post] Digital certificate system too fragile.
Juha Saarinen Nov 17 2015 2:13PM Security

Log In

  |  Forgot your password?