|
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
|
|
|
Source: InfoWorld - Posted by Anthony Pell
|
|
Digital Certificate Authority (CA) Trustwave revealed that it has issued a digital certificate that enabled an unnamed private company to spy on SSL-protected connections within its corporate network, an action that prompted the Mozilla community to debate whether the CA's root certificate should be removed from Firefox.
|
|
|
Source: H Security - Posted by Anthony Pell
|
|
DNS service provider OpenDNS has announced a preview release of a new open source tool to improve internet security: DNSCrypt encrypts all DNS traffic between a user's system and a DNS server. The tool is currently only available for the Mac, with a Windows version promised, and only works with OpenDNS's own DNS service. |
|
|
Source: PC World - Posted by Anthony Pell
|
|
The largest telecommunications company in the Netherlands has stopped issuing SSL (Secure Sockets Layer) certificates after finding indications that the website used for purchasing the certificates may have been hacked. |
|
|
Source: eWeek - Posted by Dave Wreski
|
|
A hacker group has released a proof-of-concept tool that exploits how encryption keys can be renegotiated to launch a distributed denial of service attack against Secure Sockets Layer servers. |
|
|
Source: Information Week - Posted by Dave Wreski
|
|
Watch your Web Services: the official XML Encryption Syntax and Processing standard can be broken.
So say two researchers from Ruhr-University Bochum in Germany, who have demonstrated a practical attack against XML's cipher block chaining (CBC) mode. |
|
|
Source: CSO Online - Posted by Dave Wreski
|
|
Google is extending SSL encryption security to search traffic for all logged-in Gmail users, the company has announced. The key phrase here is 'by default' because it has been possible for Google search users to access encrypted search manually since May of last year using the https://encrypted.google.com/ site.
|
|
|
Source: Network World - Posted by Dave Wreski
|
|
The SSL certificate authorities like Comodo that have had their security undermined by hackers shouldn't be trusted, and in fact, the way the entire SSL certificate industry of today works can and should be replaced with something better, says Moxie Marlinspike, a security expert who's come up with a plan he says will do that. |
|
|
Source: USA Today - Posted by Alex
|
|
The keepers of the Internet have become acutely concerned about the Web's core trustworthiness. Hackers cracked three companies that work with the most popular Web browsers to ensure the authenticity of Web pages where consumers type in sensitive information, such as account log-ons, credit card numbers and personal data. |
|
|
Source: Network World - Posted by Dave Wreski
|
|
The digital watchdog Electronic Frontier Foundation (EFF) lent a technical hand to fix security problems in a tool used to encrypt instant messenger conversations using the Adium and Pidgin programs.
|
|
|
Source: The Register UK - Posted by Alex
|
|
Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that's passing between a webserver and an end-user browser. |
|
|
<< Start < Prev 1 2 3 Next > End >>
|
| Results 1 - 10 of 996 |
