Chrome is helping kill HTTP

 2016 might be the year that HTTP finally dies. Chrome’s security team announced today that the browser will start marking websites that use insecure HTTP connections to transmit passwords and credit card data as insecure, beginning in January 2017. The warning will appear in the address bar of the browser and will call users’ attention to the fact that their personal information… Read More


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/L5PwcLC2b_0/

Original article

Decade-old ‘forbidden attack’ vulnerability affects HTTPS Visa sites

A number of supposedly secure HTTPS sites owned by Visa are vulnerable to what has been dubbed the ‘forbidden attack’. The security flaw makes it possible for hackers to inject content and code into sites, as well as opening up the possibility of performing man-in-the-middle attacks. A team of researchers have published a paper that shows how 70,000 HTTPS servers were vulnerable to the attack, and 184 were found to be particularly at risk. While many of the affected sites have since been patched, sites belonging to Visa and Polish banking associate Zwizek Banków Polskich remain insecure because of reusing… [Continue Reading]


Original URL: http://feeds.betanews.com/~r/bn/~3/_UT7MRuTtYM/

Original article

Google enables HTTPS for all Blogspot sites

fig1 Google today made HTTPS connections the default for all of the sites on its Blogspot domain. Google first enabled HTTPS for Blogspot last September, but at the time, it was an opt-in feature. Starting today, encrypted connections are enabled by default. It’s worth noting that this only applies to Blogspot blogs that fall under the .blogspot.com domain. HTTPS is currently not available… Read More


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/VyCRbSWvipA/

Original article

We’re Going HTTPS: Here’s How WIRED Is Tackling a Huge Security Upgrade

We’re Going HTTPS: Here’s How WIRED Is Tackling a Huge Security Upgrade

Today’s a big day on WIRED.com. Do you see that new lock icon next to WIRED.com in your address bar? Starting today, WIRED is making the switch to HTTPS. The post We’re Going HTTPS: Here’s How WIRED Is Tackling a Huge Security Upgrade appeared first on WIRED.


Original URL: http://www.wired.com/2016/04/wired-launching-https-security-upgrade/

Original article

A Scheme to Encrypt the Entire Web Is Actually Working

A Scheme to Encrypt the Entire Web Is Actually Working

The non-profit certificate authority Let’s Encrypt is enabling a sea change toward HTTPS encryption online. The post A Scheme to Encrypt the Entire Web Is Actually Working appeared first on WIRED.



Original URL: http://feeds.wired.com/c/35185/f/661370/s/4eefdbb5/sc/28/l/0L0Swired0N0C20A160C0A40Cscheme0Eencrypt0Eentire0Eweb0Eactually0Eworking0C/story01.htm

Original article

Let’s Encrypt free HTTPS certification push exits beta

Let's Encrypt An initiative to encourage more websites to encrypt connections by offering free digital certificates has today exited beta, six months on from its initial launch — the idea behind Let’s Encrypt being to lend an automated hand to smaller websites that might not have the resources to go about achieving public-key certification on their own. Read More


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/3vEJGjzVDO0/

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: