As one dog says to the other in Peter Steiner’s classic New Yorker cartoon– “On the Internet, nobody knows you’re a dog.” Software downloaded from the Internet is similar to people …
OpenSSL has announced a high severity vulnerability, CVE-2015-1793 which will require an upgrade to some OpenSSL installations. The vulnerability was discovered by Google personnel …
Last week I attended and presented at the National Institute of Standards and Technology (NIST) Workshop on Elliptic Curve Cryptography Standards. In NIST’s words, “The workshop is …
Recently, we read about lots of SSL/TLS-related vulnerabilities found in mobile apps, which should come as no surprise. We were warned about this back in 2012 (see these studies). …
On June 2, 2015, Facebook announced that it would stop supporting Facebook-connected apps that were signed with SHA-1, as of October 1, 2015. “These changes are part of a broader …
You have a dilemma. You want to continue to deploy your web service but are running out of IPv4 addresses. You consider deploying multiple virtual servers that will use the same IP …
Another flaw has been found in the basic encryption algorithms that secure the Internet. This flaw, named the Logjam attack by its discoverers (researchers from various …
The group that manages the Payment Card Industry Data Security Standard quietly announced in February that an imminent update was coming to its payment card and application …
Announcement
Since we last wrote about SSL/TLS performance, there has been a lot of activity in the IETF HTTP Working Group, resulting in the February announcement that the next version of HTTP …
Click on the image above to download a full-size version.
